Michiel Van Baak » Mvblog : Security Vulnerabilities, CVEs,
Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) body fields in a comment.
Max CVSS
2.6
EPSS Score
0.68%
Published
2006-04-12
Updated
2017-07-20
Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
Max CVSS
7.5
EPSS Score
0.36%
Published
2006-04-12
Updated
2017-07-20
2 vulnerabilities found