CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0101

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0620%
EPSS Percentile7.70th
PublishedJan 6, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php.

Affected Platforms (CPE)

πŸ“¦
Sblog

Sblog

<= 0.7.1_build2005-12-02_beta

References & Advisories

πŸ”— http://osvdb.org/ref/22/22373-sblog.txt
πŸ”— http://www.osvdb.org/22373
πŸ”— http://www.osvdb.org/22374
πŸ”— http://www.vupen.com/english/advisories/2006/0041
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/23979
πŸ”— http://osvdb.org/ref/22/22373-sblog.txt
πŸ”— http://www.osvdb.org/22373
πŸ”— http://www.osvdb.org/22374

Related Vulnerabilities

CVE-2006-218910.0

SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the...

CVE-2007-58187.6

Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows remote attackers to change arbitr...

CVE-2007-18017.5

Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary loc...

CVE-2006-11354.3

Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML v...