Family: CGI abuses --> Category: infos
bBlog <= 0.7.4 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in bBlog <= 0.7.4
Detailed Explanation for this Vulnerability Test
The remote host contains a PHP application that is affected by
The remote host is running bBlog, an open-source blog software
According to its banner, the remote version of this software suffers
from several vulnerabilities:
o A SQL Injection Vulnerability
It is reportedly possible to inject SQL statements through
the 'postid' parameter of the 'index.php' script.
o Multiple Cross-Site Scripting Vulnerabilities
The application fails to properly sanitize user-supplied
input through the blog entry title field and the comment
See also :
Unknown at this time.
Medium / CVSS Base Score : 5
Click HERE for more information and discussions on this network vulnerability scan.