Mike Helton: >> Aoblogger Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag.
CVSS Score
4.3
EPSS Score
0.099
Published
2006-01-19
SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVSS Score
7.5
EPSS Score
0.021
Published
2006-01-19
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.
CVSS Score
5.0
EPSS Score
0.127
Published
2006-01-19