Comdev Web Blogger vulnerabilities
3 known vulnerabilities affecting comdev/comdev_web_blogger.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-6250P3MEDIUMCVSS 6.8PoC≤ 4.1.3v4.12009-02-23
CVE-2008-6250 [MEDIUM] CWE-89 CVE-2008-6250: SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execu
SQL injection vulnerability in Comdev Web Blogger 4.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter to a blog page.
nvd
CVE-2007-3084P4HIGHCVSS 7.5v4.12007-06-06
CVE-2007-3084 [HIGH] CVE-2007-3084: PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote
PHP remote file inclusion vulnerability in sampleblogger.php in Comdev Web Blogger 4.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter, a different vector than CVE-2006-5441.
nvd
CVE-2006-5441P4HIGHCVSS 7.5v4.12006-10-20
CVE-2006-5441 [HIGH] CVE-2006-5441: PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_gl
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
nvd