Jason Hines Phpweblog vulnerabilities
2 known vulnerabilities affecting jason_hines/phpweblog.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2005-0698P3MEDIUMCVSS 4.6PoCv0.4.2v0.5+3 more2005-03-07
CVE-2005-0698 [MEDIUM] CVE-2005-0698: PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to ex
PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code.
nvd
CVE-2001-0088P4HIGHCVSS 7.5v0.4.22001-02-16
CVE-2001-0088 [HIGH] CVE-2001-0088: common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
nvd