IDCVSSSummaryLast (major) updatePublished
CVE-2010-2436 7.5
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
10-10-2018 - 19:59 24-06-2010 - 17:30
CVE-2010-2437 4.3
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
10-10-2018 - 19:59 24-06-2010 - 17:30
Back to Top Mark selected
Back to Top