Insane Visions Blogphp vulnerabilities
2 known vulnerabilities affecting insane_visions/blogphp.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2006-0318P3HIGHCVSS 7.5PoCv1.02006-01-19
CVE-2006-0318 [HIGH] CWE-89 CVE-2006-0318: SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows r
SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.
nvd
CVE-2006-0372P3HIGHCVSS 7.5PoCv1.02006-01-22
CVE-2006-0372 [HIGH] CVE-2006-0372: Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow
Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) blogphp_username or (2) blogphp_password parameter in a cookie.
nvd