CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Blogator-Script: >> Blogator-Script >> 0.95 Security Vulnerabilities

CVE-2008-6473

_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.

CVSS Score

6.4

EPSS Score

0.016

Published

2009-03-16

CVE-2008-1760

Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.

CVSS Score

6.8

EPSS Score

0.035

Published

2008-04-12

Page 1

Vulnerabilities

Vulnerable Software

Blogator-Script: >> Blogator-Script >> 0.95 Security Vulnerabilities

Products

Pricing

Contact Us