| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-0754 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in a copy action.
|
13-01-2018 - 02:29 | 27-02-2010 - 00:30 | |
| CVE-2010-0755 | 7.5 |
PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter.
|
17-08-2017 - 01:32 | 27-02-2010 - 00:30 | |
| CVE-2010-0756 | 5.8 |
Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main.
|
17-08-2017 - 01:32 | 27-02-2010 - 00:30 | |
| CVE-2010-0757 | 6.5 |
Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension using the uploadform action, then accessing it via a direct r
|
17-08-2017 - 01:32 | 27-02-2010 - 00:30 |