Bitdamaged : Security Vulnerabilities, CVEs,
SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter ($tmpCategory variable).
Max CVSS
7.5
EPSS Score
5.03%
Published
2006-01-18
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
Max CVSS
4.3
EPSS Score
0.89%
Published
2006-05-04
Updated
2018-10-18
2 vulnerabilities found