Anecms Blog vulnerabilities
2 known vulnerabilities affecting anecms/anecms_blog.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2010-2436P3HIGHCVSS 7.5PoC≤ 1.3v1.02010-06-24
CVE-2010-2436 [HIGH] CWE-89 CVE-2010-2436: SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
nvd
CVE-2010-2437P4MEDIUMCVSS 4.3PoC≤ 1.3v1.02010-06-24
CVE-2010-2437 [MEDIUM] CWE-79 CVE-2010-2437: Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly ea
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
nvd