CVE Tools

leif m. wright

Web & CMS Pluginsindividual-dev

12

Cumulative CVEs

4

Monthly snapshots

#2

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting leif m. wright.

CVE-2006-0846Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, w...4.3Feb 22, 2006
CVE-2006-0845Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious p...6.5Feb 22, 2006
CVE-2006-0844Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting th...7.5Feb 22, 2006
CVE-2006-0843Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password.5.0Feb 22, 2006
CVE-2004-2347blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.7.5Aug 16, 2005
CVE-2004-2127Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable.5.0May 27, 2005
CVE-2005-1352Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.4.3Apr 28, 2005
CVE-2005-1351The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.7.5Apr 28, 2005
CVE-2005-1350The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.5.0Apr 28, 2005
CVE-2001-0025ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.10.0Feb 2, 2001
CVE-2001-0024simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter.10.0Feb 2, 2001
CVE-2001-0023everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.10.0Feb 2, 2001
CVE-2001-0022simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.10.0Feb 2, 2001