Every CVE whose affected-product data names Mywebland Mybloggie, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2007-3194 — CVSS 9.8 (critical): Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the…
CVE-2006-3905 — CVSS 7.5 (high): SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the (1) post_id…
CVE-2007-3003 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1)…
CVE-2006-2859 — CVSS 7.5 (high): PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in…
CVE-2006-4042 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute…
CVE-2005-1499 — CVSS 7.5 (high): delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter.
CVE-2005-1500 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword…
CVE-2005-2838 — CVSS 7.5 (high): SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via…
CVE-2005-3153 — CVSS 7.5 (high): login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection…
CVE-2007-0353 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary…
CVE-2006-3903 — CVSS 5.8 (medium): CRLF injection vulnerability in (1) index.php and (2) admin.php in myWebland MyBloggie 2.1.3 allows remote attackers to hijack sessions and…
CVE-2007-3650 — CVSS 5.3 (medium): myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached…
CVE-2008-3080 — CVSS 5.1 (medium): Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions…
CVE-2007-1899 — CVSS 5.1 (medium): Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote attackers to execute arbitrary SQL commands via (1) the…
CVE-2005-1497 — CVSS 5.0 (medium): index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the…
CVE-2006-4043 — CVSS 5.0 (medium): index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies…
CVE-2006-2269 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in myWebland MyBloggie 2.1.3 and earlier allows remote attackers to inject arbitrary web script or…
CVE-2005-1140 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments.
CVE-2006-1205 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in myWebland myBloggie 2.1.3 beta and earlier allow remote attackers to inject…
CVE-2005-1498 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via…