CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Bloo: >> Bloo Security Vulnerabilities

CVE-2006-6019

Cross-site scripting (XSS) vulnerability in extensions/googiespell/googlespell_proxy.php in Bill Roberts Bloo 1.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

CVSS Score

6.8

EPSS Score

0.008

Published

2006-11-21

CVE-2006-6023

PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.php

CVSS Score

7.5

EPSS Score

0.007

Published

2006-11-21

Page 1

Vulnerabilities

Vulnerable Software

Bloo: >> Bloo Security Vulnerabilities

Products

Pricing

Contact Us