Home/Product/alexander palmo simple php blog
Product

alexander palmo simple php blog

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-15223
<= 2025-01-22
A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. Impacted is an unknown fun
4.3MEDIUM
 CVE-2025-14227
<= 2025-01-22
A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affec
6.3MEDIUM
 CVE-2011-5029
<= 0.7.0
Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier allow remote attackers to inject
 CVE-2009-4421
<= 0.5.1
Directory traversal vulnerability in languages_cgi.php in Simple PHP Blog 0.5.1 and earlier allows remote authenticated users to i
 CVE-2007-5072
<= 0.5.0.1
Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog) before 0.5.1, when register_globals is enabled,
 CVE-2007-5071
<= 0.5.0.1
Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangero
 CVE-2006-1243
<= 0.4.7.1
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include
 CVE-2005-3473
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remote attackers to inject arbitrar
 CVE-2005-2787
all versions
comment_delete_cgi.php in Simple PHP Blog allows remote attackers to delete arbitrary files via the comment parameter.
 CVE-2005-2733
all versions
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow r
 CVE-2005-2192
all versions
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers
 CVE-2005-1137
all versions
Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain sensitive information via a direct request to sb_functions.php,
 CVE-2005-1135
all versions
Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbi
 CVE-2005-0214
all versions
Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files v
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh