CVEDB API

Vulnerabilities

Vulnerable Software

Wheatblog: >> Wheatblog >> 1.1 Security Vulnerabilities

CVE-2007-3557

SQL injection vulnerability in admin/login.php in Wheatblog (wB) 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter.

CVSS Score

6.8

EPSS Score

0.007

Published

2007-07-04

CVE-2006-7002

Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatblog (wB) 1.1 allows remote attackers to inject arbitrary web script or HTML via the Email field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue may overlap CVE-2006-5195.

CVSS Score

4.3

EPSS Score

0.002

Published

2007-02-12

CVE-2006-5195

Multiple cross-site scripting (XSS) vulnerabilities in Wheatblog 1.0 and 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

CVSS Score

6.8

EPSS Score

0.008

Published

2006-10-10

Page 1

Vulnerabilities

Vulnerable Software

Wheatblog: >> Wheatblog >> 1.1 Security Vulnerabilities

Products

Pricing

Contact Us