Publicwarehouse : Security Vulnerabilities, CVEs,
Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.php, and the (3) Lightblog_username cookie parameter to check_user.php.
Max CVSS
6.8
EPSS Score
0.54%
Published
2009-02-19
Updated
2017-09-29
Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter.
Max CVSS
4.4
EPSS Score
1.16%
Published
2008-02-20
Updated
2018-10-15
2 vulnerabilities found