RSS   Podatności dla 'Super simple blog script'   RSS

2009-07-20
 
CVE-2009-2553

 

 
Multiple SQL injection vulnerabilities in comments.php in Super Simple Blog Script 2.5.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the entry parameter.

 
 
CVE-2009-2552

 

 
Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top