CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Anecms: >> Anecms Blog Security Vulnerabilities

CVE-2010-2436

SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.

CVSS Score

7.5

EPSS Score

0.001

Published

2010-06-24

CVE-2010-2437

Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.

CVSS Score

4.3

EPSS Score

0.002

Published

2010-06-24

Page 1

Vulnerabilities

Vulnerable Software

Anecms: >> Anecms Blog Security Vulnerabilities

Products

Pricing

Contact Us