Vulnerabilities (CVE)

Filtered by vendor Supersimple Subscribe
Filtered by product Super Simple Blog Script
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2553 1 Supersimple 1 Super Simple Blog Script 2024-11-21 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in comments.php in Super Simple Blog Script 2.5.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the entry parameter.
CVE-2009-2552 1 Supersimple 1 Super Simple Blog Script 2024-11-21 6.8 MEDIUM N/A
Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.