GCVE - cpe:2.3:a:a-blog:a-blog:2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:a-blog:a-blog:2:*:*:*:*:*:*:*

part: a version: 2 update: *

Vendor	A Blog (`67dfa481-1270-58dc-8d8f-bb080d4dd25b`)
Product	A Blog (`27283f63-97d7-5f78-b2f1-e552bd67b5f5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-0677`	vulnerable	2026-06-03 14:28:37.627976	Details available SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action. Published: 2008-02-12T00:00:00.000Z Updated: 2024-08-07T07:54:23.150Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/5050 http://www.securityfocus.com/bid/27594	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0676`	vulnerable	2026-06-03 14:28:37.627541	Details available Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. Published: 2008-02-12T00:00:00.000Z Updated: 2024-08-07T07:54:22.778Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/5050 http://www.securityfocus.com/bid/27594	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-5135`	vulnerable	2026-06-03 14:27:44.974635	Details available Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/search.php and (c) navigation/donation.php; and the (6) navigation_start and (7) navigation_middle parameters in navigation/donation.php, (d) navigation/latestnews.php, and (e) navigation/links.php; different vectors than CVE-2006-5092. Published: 2006-10-02T20:00:00.000Z Updated: 2024-08-07T19:41:05.699Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/20238 https://www.exploit-db.com/exploits/2442 https://exchange.xforce.ibmcloud.com/vulnerabilities/29218	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-5092`	vulnerable	2026-06-03 14:27:44.874919	Details available PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote attackers to execute arbitrary PHP code via a URL in the navigation_start parameter. Published: 2006-09-29T20:00:00.000Z Updated: 2024-08-07T19:41:04.519Z Open on db.gcve.eu Reference links http://secunia.com/advisories/22061 https://www.exploit-db.com/exploits/2436 http://www.vupen.com/english/advisories/2006/3796 http://www.securityfocus.com/bid/20230 http://www.osvdb.org/29217	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.