CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-5081
https://notcve.org/view.php?id=CVE-2006-5081
PHP remote file inclusion vulnerability in acc.php in QuickBlogger (QB) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. Vulnerabilidad PHP de inclusión remota de archivo en acc.php en QuickBlogger (QB) 1.4 permite a atacantes remotos ejecutar código PHP arbitrario mediante una URL en el parámetro page. • http://securityreason.com/securityalert/1651 http://securitytracker.com/id?1016934 http://www.securityfocus.com/archive/1/447003/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/29173 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-1791
https://notcve.org/view.php?id=CVE-2006-1791
Directory traversal vulnerability in acc.php in QuickBlogger 1.4 allows remote attackers to read or include arbitrary local files via the request parameter. NOTE: this issue can also produce resultant XSS when the associated include statement fails. • http://secunia.com/advisories/15942 http://www.securityfocus.com/archive/1/430878/100/0/threaded http://www.securityfocus.com/archive/1/431059/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/25795 •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 1CVE-2005-4785
https://notcve.org/view.php?id=CVE-2005-4785
Cross-site scripting (XSS) vulnerability in QuickBlogger 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) author ("your name") and (2) "comment" section. • http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0090.html http://exploitlabs.com/files/advisories/EXPL-A-2005-011-quickblogger.txt http://secunia.com/advisories/15942 http://securitytracker.com/id?1014386 http://www.securityfocus.com/bid/14152 http://www.vupen.com/english/advisories/2005/0987 https://exchange.xforce.ibmcloud.com/vulnerabilities/21244 •