Publicwarehouse Lightblog vulnerabilities
2 known vulnerabilities affecting publicwarehouse/lightblog.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-6177P3MEDIUMCVSS 6.8PoCv9.82009-02-19
CVE-2008-6177 [MEDIUM] CWE-22 CVE-2008-6177: Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, al
Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php.
nvd
CVE-2008-0840P4MEDIUMCVSS 4.4PoCv9.62008-02-20
CVE-2008-0840 [MEDIUM] CWE-22 CVE-2008-0840: Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote
Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter.
nvd