PT-2006-1182 · Sblog · Sblog

Published: 2006-01-06 · Updated: 2017-07-20 · CVE-2006-0101

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: sBLOG versions 0.7.1 Beta 20051202 and earlier
Description: The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the p and keyword parameters in the "index.php" and "search.php" API endpoints.
Recommendations: For sBLOG versions 0.7.1 Beta 20051202 and earlier, consider restricting access to the p and keyword parameters in the "index.php" and "search.php" endpoints until a fix is available. Avoid using these parameters in the affected API endpoints to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2006-0101

Affected Products

Sblog