CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Pyblosxom: Security Vulnerabilities

CVE-2006-2880

Cross-site scripting (XSS) vulnerability in the Contributed Packages for PyBlosxom 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the Comments plugin in the (1) url and (2) author fields.

CVSS Score

6.8

EPSS Score

0.012

Published

2006-06-07

CVE-2006-0707

PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.

CVSS Score

5.0

EPSS Score

0.004

Published

2006-02-15

Page 1

Vulnerabilities

Vulnerable Software

Pyblosxom: Security Vulnerabilities

Products

Pricing

Contact Us