D2ksoftCVEs & Vulnerabilities
2 CVEs affecting D2ksoft products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
d2kblog 8
CVE-2006-1122MEDIUM
Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
10 Mar 2006
6.8
CVSS
CVE-2006-1123CRITICALpoc
SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.
10 Mar 2006
10.0
CVSS
← PrevPage 1 / 1Next →