| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3364 | 7.5 |
SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Upgrade to BLOG:CMS version 4.1.0 :
http://sourceforge.net/project/showfiles.php?g
|
18-10-2018 - 16:47 | 06-07-2006 - 20:05 | |
| CVE-2006-4748 | 7.5 |
Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
| CVE-2008-0359 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin.php or (2) index.php in photo/.
|
19-10-2017 - 01:30 | 18-01-2008 - 22:00 | |
| CVE-2008-0360 | 7.5 |
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote attackers to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/inde
|
19-10-2017 - 01:30 | 18-01-2008 - 22:00 | |
| CVE-2010-4749 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admi
|
22-09-2011 - 03:27 | 01-03-2011 - 22:00 |