SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fuzzymonkey | myclassifieds | 2.11 |
Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fuzzymonkey | my_blog | 1.63 |
| fuzzymonkey | my_blog | 1.23 |
| fuzzymonkey | my_blog | 1.52 |
| fuzzymonkey | my_blog | 1.4 |
| fuzzymonkey | my_blog | 1.31 |
| m_blom | html-bbcode | 1.03 |
| m_blom | html-bbcode | 1.04 |
| fuzzymonkey | my_blog | 1.3 |
| fuzzymonkey | my_blog | 1.51 |
| fuzzymonkey | my_blog | 1.62 |
| fuzzymonkey | my_blog | 1.64 |
| fuzzymonkey | my_blog | 1.21 |
| fuzzymonkey | my_blog | 1.22 |
| fuzzymonkey | my_blog | 1.6 |
| fuzzymonkey | my_blog | 1.0 |
| fuzzymonkey | my_blog | 1.2 |
| fuzzymonkey | my_blog | 1.5 |
| fuzzymonkey | my_blog | 1.61 |