birdblog CVE Vulnerabilities & CVE List (5)

Products (CPE): — CVEs: 5

birdblog vulnerability overview

Aggregates CVE and security vulnerability intelligence across all birdblog-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk sql injection and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface software deployment scenarios.

Vulnerability distribution trend (last 24 months)

Showing 15 of 5 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2014-5330 Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. [email protected] 4.3 0.32% 2014-10-19 2026-05-06
CVE-2006-6211 Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to (a) admin/admincore.php, the (2) month parameter to (b) admin/comments.php or (c) admin/entries.php, or the (3) page parameter to (d) admin/logs.php, different vectors than CVE-2006-5064. [email protected] 6.8 1.71% 2006-12-01 2026-04-23
CVE-2006-5064 Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entryid parameter in comment.php, (2) page parameter in index.php, or the (3) uid parameter in user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. [email protected] 5.1 0.79% 2006-09-28 2026-04-23
CVE-2005-1592 Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. [email protected] 7.5 0.66% 2005-05-16 2026-04-16
CVE-2005-0882 SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters. [email protected] 7.5 0.85% 2005-05-02 2026-04-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence