Davethewebguy Battle Blog vulnerabilities
2 known vulnerabilities affecting davethewebguy/battle_blog.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-3718P3HIGHCVSS 7.5PoCv1.25v1.302009-10-16
CVE-2009-3718 [HIGH] CWE-89 CVE-2009-3718: SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows re
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter.
nvd
CVE-2009-3719P4MEDIUMCVSS 4.3PoCv1.25v1.302009-10-16
CVE-2009-3719 [MEDIUM] CWE-79 CVE-2009-3719: Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to inject arbitrary web script or HTML via a comment.
nvd