Filtered by vendor Blogator-script Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-6473 1 Blogator-script 1 Blogator-script 2024-11-21 N/A
_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
CVE-2008-1760 1 Blogator-script 1 Blogator-script 2024-11-21 N/A
Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.