MidnightBSD

Advisories for blogbuddies

CVE-2005-3954 MEDIUM

Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows remote attackers to inject arbitrary web script or HTML via the u parameter to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
blogbuddies blogbuddies 0.3
CVE-2005-3955 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
magpierss magpierss 7.1
jaws jaws 0.6.2
blogbuddies blogbuddies 0.3