Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-6473 | 1 Blogator-script | 1 Blogator-script | 2018-10-11 | 6.4 MEDIUM | N/A |
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter. | |||||
CVE-2008-1760 | 1 Blogator-script | 1 Blogator-script | 2017-09-28 | 6.8 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include. |