Blogator-Script vulnerabilities
2 known vulnerabilities affecting blogator-script/blogator-script.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-1760P3MEDIUMCVSS 6.8PoC≤ 1.00v0.90+4 more2008-04-12
CVE-2008-1760 [MEDIUM] CWE-94 CVE-2008-1760: Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attac
Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.
nvd
CVE-2008-6473P3MEDIUMCVSS 6.4PoCv0.952009-03-16
CVE-2008-6473 [MEDIUM] CWE-255 CVE-2008-6473: _blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the pass
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
nvd