Simplog: >> Simplog Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in login.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the btag parameter.
CVSS Score
6.8
EPSS Score
0.187
Published
2006-04-13
Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post.
CVSS Score
4.3
EPSS Score
0.003
Published
2006-03-08
Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the (1) act and (2) blogid parameters.
CVSS Score
6.4
EPSS Score
0.099
Published
2006-03-08
Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blogid parameter to blogadmin.php.
CVSS Score
7.5
EPSS Score
0.007
Published
2005-09-27
Page 2