Saral Kaushik Saralblog vulnerabilities
2 known vulnerabilities affecting saral_kaushik/saralblog.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-0345P3HIGHCVSS 7.5PoCv1.02006-01-21
CVE-2006-0345 [HIGH] CVE-2006-0345: Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary
Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058.
nvd
CVE-2006-0346P4MEDIUMCVSS 4.3v1.02006-01-21
CVE-2006-0346 [MEDIUM] CVE-2006-0346: Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrar
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php.
nvd