Lucene search

Yblog Security Vulnerabilities

cve

CVE-2008-2668

Multiple cross-site scripting (XSS) vulnerabilities in yBlog 0.2.2.2 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3)...

5.8AI Score

0.006EPSS

2008-06-12 02:32 AM

cve

CVE-2008-2669

Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3)...

8.5AI Score

0.003EPSS

2008-06-12 02:32 AM

cve

CVE-2006-5146

Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c)...

6AI Score

0.022EPSS

2006-10-05 04:04 AM