CVE-2011-5029

Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry parameter to delete.php or (2) category parameter to index.php.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
alexander_palmosimple_php_blog
𝑥
≤ 0.7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/77696
http://osvdb.org/77697
http://secunia.com/advisories/46893
https://exchange.xforce.ibmcloud.com/vulnerabilities/71821
http://osvdb.org/77696
http://osvdb.org/77697
http://secunia.com/advisories/46893
https://exchange.xforce.ibmcloud.com/vulnerabilities/71821