BrewBlogger 2.3.2 multiple security vulnerabilities

There are multiple security vulnerabilities in BrewBlogger 2.3.2 which may allow an attacker to take control of the software.

Software

Software Link: BrewBlogger

Vulnerable Version: 2.3.2

Vendor Notification: Unnotified

Vulnerabilities

# Cross-Site Scripting (XSS) # <= 2.3.2 # Unpatched

# SQL Injection # <= 2.3.2 # Unpatched

# Full Path Disclosure # <= 2.3.2 # Unpatched

Reference

# OWASP: Cross-Site Scripting

# OWASP: SQL Injection

# OWASP: Full Path Disclosure

Appendix

[TXT] BrewBlogger 2.3.2 multiple security vulnerabilities