Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Uapplication Subscribe
Filtered by product Ublog
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2246 1 Uapplication 1 Ublog 2018-10-18 5.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry.
CVE-2007-0799 1 Uapplication 1 Ublog 2018-10-16 7.5 HIGH N/A
SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2005-1426 1 Uapplication 1 Ublog 2017-10-10 5.0 MEDIUM N/A
Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb).