Uapplication: >> Ublog Reload >> 1.0.4 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2005-05-02
Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-05-02