Vulnerabilities (CVE)

Filtered by vendor Blogator-script Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1760 1 Blogator-script 1 Blogator-script 2024-02-14 6.8 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.
CVE-2008-6473 1 Blogator-script 1 Blogator-script 2024-02-04 6.4 MEDIUM N/A
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.