cpe:/a:y-blog:yblog:0.2.2.2 CVE-2008-2669 2008-06-11T22:32:00.000-04:00 2017-09-28T21:31:15.693-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-12T10:58:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080610 [web-app] yBlog 0.2.2.2 Multiple Remote Vulnerabilities BID 29629 SECUNIA 30607 SREASON 3935 EXPLOIT-DB 5773 MISC http://chroot.org/exploits/chroot_uu_009 XF yblog-searchuseruss-sql-injection(42959) Multiple SQL injection vulnerabilities in yBlog 0.2.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the q parameter to search.php, or the n parameter to (2) user.php or (3) uss.php.