CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Lblog: Security Vulnerabilities

CVE-2007-0077

lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/.

CVSS Score

5.0

EPSS Score

0.005

Published

2007-01-05

CVE-2006-4284

SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

EPSS Score

0.017

Published

2006-08-22

Page 1

Vulnerabilities

Vulnerable Software

Lblog: Security Vulnerabilities

Products

Pricing

Contact Us