Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-7587

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2019-7587
  • Bo-Blog » Bw » Version: 1.0.4
    cpe:2.3:a:bo-blog:bw:1.0.4
  • Bo-Blog » Bw » Version: 1.0.6
    cpe:2.3:a:bo-blog:bw:1.0.6
  • Bo-Blog » Bw » Version: 1.0.7
    cpe:2.3:a:bo-blog:bw:1.0.7
  • Bo-Blog » Bw » Version: 1.0.7-r
    cpe:2.3:a:bo-blog:bw:1.0.7-r
  • Bo-Blog » Bw » Version: 1.0.8
    cpe:2.3:a:bo-blog:bw:1.0.8
  • Bo-Blog » Bw » Version: 1.0.8-r
    cpe:2.3:a:bo-blog:bw:1.0.8-r
  • Bo-Blog » Bw » Version: 1.0.9
    cpe:2.3:a:bo-blog:bw:1.0.9
  • Bo-Blog » Bw » Version: 1.1.0
    cpe:2.3:a:bo-blog:bw:1.1.0
  • Bo-Blog » Bw » Version: 1.2.1
    cpe:2.3:a:bo-blog:bw:1.2.1
  • Bo-Blog » Bw » Version: 1.2.1-r
    cpe:2.3:a:bo-blog:bw:1.2.1-r
  • Bo-Blog » Bw » Version: 1.4.0
    cpe:2.3:a:bo-blog:bw:1.4.0
  • Bo-Blog » Bw » Version: 1.5.0
    cpe:2.3:a:bo-blog:bw:1.5.0
  • Bo-Blog » Bw » Version: 1.6.0
    cpe:2.3:a:bo-blog:bw:1.6.0
  • Bo-Blog » Bw » Version: 1.6.0-r
    cpe:2.3:a:bo-blog:bw:1.6.0-r


Products
Pricing
Contact Us

Shodan ® - All rights reserved