Show filters
44 Total Results
Displaying 41-44 of 44
Sort by:
Attacker Value
Unknown

CVE-2005-2192

Disclosure Date: July 11, 2005 (last updated February 22, 2025)
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack.
0
0
Attacker Value
Unknown

CVE-2005-0214

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter.
0
0
Attacker Value
Unknown

CVE-2005-1137

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain sensitive information via a direct request to sb_functions.php, which leaks the full pathname in a PHP error message.
0
0
Attacker Value
Unknown

CVE-2005-1135

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
0
0
View More Topics  < Previous