Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2006-3832 (GCVE-0-2006-3832)

Vulnerability from nvd – Published: 2006-07-25 00:00 – Updated: 2024-08-07 18:48

Summary

SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/27442	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/21157	third-party-advisoryx_refsource_SECUNIA
	http://loudblog.de/forum/viewtopic.php?id=762	x_refsource_CONFIRM
	http://retrogod.altervista.org/loudblog_05_sql.html	x_refsource_MISC
	http://www.vupen.com/english/advisories/2006/2934	vdb-entryx_refsource_VUPEN
	http://loudblog.de/forum/viewtopic.php?id=770	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/440763/100…	mailing-listx_refsource_BUGTRAQ
	http://securityreason.com/securityalert/1274	third-party-advisoryx_refsource_SREASON

Date Public ?

2006-07-20 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27442",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27442"
          },
          {
            "name": "21157",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21157"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=762"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
          },
          {
            "name": "ADV-2006-2934",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=770"
          },
          {
            "name": "loudblog-index-sql-injection(27896)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
          },
          {
            "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
          },
          {
            "name": "1274",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1274"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27442",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27442"
        },
        {
          "name": "21157",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21157"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=762"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
        },
        {
          "name": "ADV-2006-2934",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=770"
        },
        {
          "name": "loudblog-index-sql-injection(27896)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
        },
        {
          "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
        },
        {
          "name": "1274",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1274"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3832",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27442",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27442"
            },
            {
              "name": "21157",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21157"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=762",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=762"
            },
            {
              "name": "http://retrogod.altervista.org/loudblog_05_sql.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
            },
            {
              "name": "ADV-2006-2934",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2934"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=770",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=770"
            },
            {
              "name": "loudblog-index-sql-injection(27896)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
            },
            {
              "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
            },
            {
              "name": "1274",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1274"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3832",
    "datePublished": "2006-07-25T00:00:00.000Z",
    "dateReserved": "2006-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:39.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-3820 (GCVE-0-2006-3820)

Vulnerability from nvd – Published: 2006-07-25 00:00 – Updated: 2024-08-07 18:48

Summary

Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/19082	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/2901	vdb-entryx_refsource_VUPEN
	http://loudblog.de/forum/viewtopic.php?id=756	x_refsource_CONFIRM
	http://secunia.com/advisories/21098	third-party-advisoryx_refsource_SECUNIA
	http://www.securesky-tech.com/	x_refsource_MISC

Date Public ?

2006-07-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:38.726Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "loudblog-loudblogindex-xss(27849)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
          },
          {
            "name": "19082",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19082"
          },
          {
            "name": "ADV-2006-2901",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2901"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=756"
          },
          {
            "name": "21098",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21098"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securesky-tech.com/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "loudblog-loudblogindex-xss(27849)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
        },
        {
          "name": "19082",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19082"
        },
        {
          "name": "ADV-2006-2901",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2901"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=756"
        },
        {
          "name": "21098",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21098"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securesky-tech.com/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "loudblog-loudblogindex-xss(27849)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
            },
            {
              "name": "19082",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19082"
            },
            {
              "name": "ADV-2006-2901",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2901"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=756",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=756"
            },
            {
              "name": "21098",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21098"
            },
            {
              "name": "http://www.securesky-tech.com/",
              "refsource": "MISC",
              "url": "http://www.securesky-tech.com/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3820",
    "datePublished": "2006-07-25T00:00:00.000Z",
    "dateReserved": "2006-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:38.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1114 (GCVE-0-2006-1114)

Vulnerability from nvd – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56

Summary

Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://loudblog.de/forum/viewtopic.php?id=590	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/17023	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/426973/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/19172	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0878	vdb-entryx_refsource_VUPEN

Date Public ?

2006-03-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.715Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=590"
          },
          {
            "name": "17023",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17023"
          },
          {
            "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
          },
          {
            "name": "loudblog-index-directory-traversal(25103)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
          },
          {
            "name": "19172",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19172"
          },
          {
            "name": "ADV-2006-0878",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=590"
        },
        {
          "name": "17023",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17023"
        },
        {
          "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
        },
        {
          "name": "loudblog-index-directory-traversal(25103)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
        },
        {
          "name": "19172",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19172"
        },
        {
          "name": "ADV-2006-0878",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1114",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=590",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=590"
            },
            {
              "name": "17023",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17023"
            },
            {
              "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
            },
            {
              "name": "loudblog-index-directory-traversal(25103)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
            },
            {
              "name": "19172",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19172"
            },
            {
              "name": "ADV-2006-0878",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1114",
    "datePublished": "2006-03-09T11:00:00.000Z",
    "dateReserved": "2006-03-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:56:15.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1113 (GCVE-0-2006-1113)

Vulnerability from nvd – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56

Summary

SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://loudblog.de/forum/viewtopic.php?id=590	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/17023	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/426973/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/19172	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/0878	vdb-entryx_refsource_VUPEN

Date Public ?

2006-03-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.662Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=590"
          },
          {
            "name": "17023",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17023"
          },
          {
            "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
          },
          {
            "name": "19172",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19172"
          },
          {
            "name": "loudblog-podcast-sql-injection(25101)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
          },
          {
            "name": "ADV-2006-0878",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=590"
        },
        {
          "name": "17023",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17023"
        },
        {
          "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
        },
        {
          "name": "19172",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19172"
        },
        {
          "name": "loudblog-podcast-sql-injection(25101)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
        },
        {
          "name": "ADV-2006-0878",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1113",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=590",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=590"
            },
            {
              "name": "17023",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17023"
            },
            {
              "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
            },
            {
              "name": "19172",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19172"
            },
            {
              "name": "loudblog-podcast-sql-injection(25101)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
            },
            {
              "name": "ADV-2006-0878",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1113",
    "datePublished": "2006-03-09T11:00:00.000Z",
    "dateReserved": "2006-03-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:56:15.662Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0565 (GCVE-0-2006-0565)

Vulnerability from nvd – Published: 2006-02-06 23:00 – Updated: 2024-08-07 16:41

Summary

PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securityreason.com/securityalert/410	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/22921	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://retrogod.altervista.org/loudblog_04_incl_x…	x_refsource_MISC
	http://securityreason.com/securityalert/556	third-party-advisoryx_refsource_SREASON
	http://secunia.com/advisories/18722	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1015583	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/16495	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/0441	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/423947/100…	mailing-listx_refsource_BUGTRAQ

Date Public ?

2006-02-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:41:28.722Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "410",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/410"
          },
          {
            "name": "22921",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22921"
          },
          {
            "name": "loudblog-backendsettings-file-include(24479)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
          },
          {
            "name": "556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/556"
          },
          {
            "name": "18722",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18722"
          },
          {
            "name": "1015583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015583"
          },
          {
            "name": "16495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16495"
          },
          {
            "name": "ADV-2006-0441",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0441"
          },
          {
            "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "410",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/410"
        },
        {
          "name": "22921",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22921"
        },
        {
          "name": "loudblog-backendsettings-file-include(24479)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
        },
        {
          "name": "556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/556"
        },
        {
          "name": "18722",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18722"
        },
        {
          "name": "1015583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015583"
        },
        {
          "name": "16495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16495"
        },
        {
          "name": "ADV-2006-0441",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0441"
        },
        {
          "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0565",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "410",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/410"
            },
            {
              "name": "22921",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22921"
            },
            {
              "name": "loudblog-backendsettings-file-include(24479)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
            },
            {
              "name": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
            },
            {
              "name": "556",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/556"
            },
            {
              "name": "18722",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18722"
            },
            {
              "name": "1015583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015583"
            },
            {
              "name": "16495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16495"
            },
            {
              "name": "ADV-2006-0441",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0441"
            },
            {
              "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0565",
    "datePublished": "2006-02-06T23:00:00.000Z",
    "dateReserved": "2006-02-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:41:28.722Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-3832 (GCVE-0-2006-3832)

Vulnerability from cvelistv5 – Published: 2006-07-25 00:00 – Updated: 2024-08-07 18:48

Summary

SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/27442	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/21157	third-party-advisoryx_refsource_SECUNIA
	http://loudblog.de/forum/viewtopic.php?id=762	x_refsource_CONFIRM
	http://retrogod.altervista.org/loudblog_05_sql.html	x_refsource_MISC
	http://www.vupen.com/english/advisories/2006/2934	vdb-entryx_refsource_VUPEN
	http://loudblog.de/forum/viewtopic.php?id=770	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/440763/100…	mailing-listx_refsource_BUGTRAQ
	http://securityreason.com/securityalert/1274	third-party-advisoryx_refsource_SREASON

Date Public ?

2006-07-20 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27442",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27442"
          },
          {
            "name": "21157",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21157"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=762"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
          },
          {
            "name": "ADV-2006-2934",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=770"
          },
          {
            "name": "loudblog-index-sql-injection(27896)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
          },
          {
            "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
          },
          {
            "name": "1274",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1274"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27442",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27442"
        },
        {
          "name": "21157",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21157"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=762"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
        },
        {
          "name": "ADV-2006-2934",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=770"
        },
        {
          "name": "loudblog-index-sql-injection(27896)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
        },
        {
          "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
        },
        {
          "name": "1274",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1274"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3832",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27442",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27442"
            },
            {
              "name": "21157",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21157"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=762",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=762"
            },
            {
              "name": "http://retrogod.altervista.org/loudblog_05_sql.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/loudblog_05_sql.html"
            },
            {
              "name": "ADV-2006-2934",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2934"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=770",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=770"
            },
            {
              "name": "loudblog-index-sql-injection(27896)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
            },
            {
              "name": "20060720 LoudBlog \u003c=0.5 Sql injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
            },
            {
              "name": "1274",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1274"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3832",
    "datePublished": "2006-07-25T00:00:00.000Z",
    "dateReserved": "2006-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:39.107Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-3820 (GCVE-0-2006-3820)

Vulnerability from cvelistv5 – Published: 2006-07-25 00:00 – Updated: 2024-08-07 18:48

Summary

Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/19082	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/2901	vdb-entryx_refsource_VUPEN
	http://loudblog.de/forum/viewtopic.php?id=756	x_refsource_CONFIRM
	http://secunia.com/advisories/21098	third-party-advisoryx_refsource_SECUNIA
	http://www.securesky-tech.com/	x_refsource_MISC

Date Public ?

2006-07-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:38.726Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "loudblog-loudblogindex-xss(27849)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
          },
          {
            "name": "19082",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19082"
          },
          {
            "name": "ADV-2006-2901",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2901"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=756"
          },
          {
            "name": "21098",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21098"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securesky-tech.com/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "loudblog-loudblogindex-xss(27849)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
        },
        {
          "name": "19082",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19082"
        },
        {
          "name": "ADV-2006-2901",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2901"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=756"
        },
        {
          "name": "21098",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21098"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securesky-tech.com/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in loudblog/index.php in Loudblog before 0.5 allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "loudblog-loudblogindex-xss(27849)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27849"
            },
            {
              "name": "19082",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19082"
            },
            {
              "name": "ADV-2006-2901",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2901"
            },
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=756",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=756"
            },
            {
              "name": "21098",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21098"
            },
            {
              "name": "http://www.securesky-tech.com/",
              "refsource": "MISC",
              "url": "http://www.securesky-tech.com/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3820",
    "datePublished": "2006-07-25T00:00:00.000Z",
    "dateReserved": "2006-07-24T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:38.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1114 (GCVE-0-2006-1114)

Vulnerability from cvelistv5 – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56

Summary

Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://loudblog.de/forum/viewtopic.php?id=590	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/17023	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/426973/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/19172	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0878	vdb-entryx_refsource_VUPEN

Date Public ?

2006-03-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.715Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=590"
          },
          {
            "name": "17023",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17023"
          },
          {
            "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
          },
          {
            "name": "loudblog-index-directory-traversal(25103)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
          },
          {
            "name": "19172",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19172"
          },
          {
            "name": "ADV-2006-0878",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=590"
        },
        {
          "name": "17023",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17023"
        },
        {
          "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
        },
        {
          "name": "loudblog-index-directory-traversal(25103)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
        },
        {
          "name": "19172",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19172"
        },
        {
          "name": "ADV-2006-0878",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1114",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=590",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=590"
            },
            {
              "name": "17023",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17023"
            },
            {
              "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
            },
            {
              "name": "loudblog-index-directory-traversal(25103)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25103"
            },
            {
              "name": "19172",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19172"
            },
            {
              "name": "ADV-2006-0878",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1114",
    "datePublished": "2006-03-09T11:00:00.000Z",
    "dateReserved": "2006-03-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:56:15.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1113 (GCVE-0-2006-1113)

Vulnerability from cvelistv5 – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56

Summary

SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://loudblog.de/forum/viewtopic.php?id=590	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/17023	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/426973/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/19172	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.vupen.com/english/advisories/2006/0878	vdb-entryx_refsource_VUPEN

Date Public ?

2006-03-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.662Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://loudblog.de/forum/viewtopic.php?id=590"
          },
          {
            "name": "17023",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17023"
          },
          {
            "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
          },
          {
            "name": "19172",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19172"
          },
          {
            "name": "loudblog-podcast-sql-injection(25101)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
          },
          {
            "name": "ADV-2006-0878",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0878"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://loudblog.de/forum/viewtopic.php?id=590"
        },
        {
          "name": "17023",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17023"
        },
        {
          "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
        },
        {
          "name": "19172",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19172"
        },
        {
          "name": "loudblog-podcast-sql-injection(25101)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
        },
        {
          "name": "ADV-2006-0878",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0878"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1113",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://loudblog.de/forum/viewtopic.php?id=590",
              "refsource": "CONFIRM",
              "url": "http://loudblog.de/forum/viewtopic.php?id=590"
            },
            {
              "name": "17023",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17023"
            },
            {
              "name": "20060307 Loudblog 0.41 SQL Injection, Local file read/include",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426973/100/0/threaded"
            },
            {
              "name": "19172",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19172"
            },
            {
              "name": "loudblog-podcast-sql-injection(25101)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25101"
            },
            {
              "name": "ADV-2006-0878",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0878"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1113",
    "datePublished": "2006-03-09T11:00:00.000Z",
    "dateReserved": "2006-03-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:56:15.662Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0565 (GCVE-0-2006-0565)

Vulnerability from cvelistv5 – Published: 2006-02-06 23:00 – Updated: 2024-08-07 16:41

Summary

PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://securityreason.com/securityalert/410	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/22921	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://retrogod.altervista.org/loudblog_04_incl_x…	x_refsource_MISC
	http://securityreason.com/securityalert/556	third-party-advisoryx_refsource_SREASON
	http://secunia.com/advisories/18722	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1015583	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/16495	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/0441	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/423947/100…	mailing-listx_refsource_BUGTRAQ

Date Public ?

2006-02-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:41:28.722Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "410",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/410"
          },
          {
            "name": "22921",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22921"
          },
          {
            "name": "loudblog-backendsettings-file-include(24479)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
          },
          {
            "name": "556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/556"
          },
          {
            "name": "18722",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18722"
          },
          {
            "name": "1015583",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015583"
          },
          {
            "name": "16495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16495"
          },
          {
            "name": "ADV-2006-0441",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0441"
          },
          {
            "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "410",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/410"
        },
        {
          "name": "22921",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22921"
        },
        {
          "name": "loudblog-backendsettings-file-include(24479)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
        },
        {
          "name": "556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/556"
        },
        {
          "name": "18722",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18722"
        },
        {
          "name": "1015583",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015583"
        },
        {
          "name": "16495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16495"
        },
        {
          "name": "ADV-2006-0441",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0441"
        },
        {
          "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0565",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "410",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/410"
            },
            {
              "name": "22921",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22921"
            },
            {
              "name": "loudblog-backendsettings-file-include(24479)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24479"
            },
            {
              "name": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html",
              "refsource": "MISC",
              "url": "http://retrogod.altervista.org/loudblog_04_incl_xpl.html"
            },
            {
              "name": "556",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/556"
            },
            {
              "name": "18722",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18722"
            },
            {
              "name": "1015583",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015583"
            },
            {
              "name": "16495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16495"
            },
            {
              "name": "ADV-2006-0441",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0441"
            },
            {
              "name": "20060204 LoudBlog \u003c= 0.4 arbitrary remote inclusion",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423947/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0565",
    "datePublished": "2006-02-06T23:00:00.000Z",
    "dateReserved": "2006-02-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:41:28.722Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

10 vulnerabilities found for loudblog by gerrit_van_aaken

CVE-2006-3832 (GCVE-0-2006-3832)

CVE-2006-3820 (GCVE-0-2006-3820)

CVE-2006-1114 (GCVE-0-2006-1114)

CVE-2006-1113 (GCVE-0-2006-1113)

CVE-2006-0565 (GCVE-0-2006-0565)

CVE-2006-3832 (GCVE-0-2006-3832)

CVE-2006-3820 (GCVE-0-2006-3820)

CVE-2006-1114 (GCVE-0-2006-1114)

CVE-2006-1113 (GCVE-0-2006-1113)

CVE-2006-0565 (GCVE-0-2006-0565)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.