18 matches found
EUVD-2007-3436
Malware in sbrugna...
EUVD-2007-3434
Malware in sbrugna...
CVE-2007-3449
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
Sql injection
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
CVE-2007-3451
PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter...
CVE-2007-3451
PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter...
CVE-2007-3449
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
CVE-2007-3451
CVE-2007-3451 is a PHP remote file inclusion in the 6ALBlog project, specifically in admin/index.php. The vulnerability allows remote authenticated administrators to execute arbitrary PHP code by supplying a URL in the pg parameter, enabling code execution and potential compromise of the applicat...
CVE-2007-3450
SQL injection vulnerability in member.php in 6ALBlog allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3449
CVE-2007-3449 describes an SQL injection vulnerability in the 6ALBlog software, specifically in the file and function related to member.php, where the vulnerable parameter is newsid . An attacker can remotely craft input to cause arbitrary SQL commands to be executed by the backend database. The ...
CVE-2007-3450
CVE-2007-3450 is a SQL injection vulnerability in the 6ALBlog project, affecting the file member.php . The flaw allows remote attackers to execute arbitrary SQL commands by supplying the attack payload in the member parameter. This vulnerability is confirmed in multiple sources (NVD/NVDA-style re...
6ALBlog (newsid) Remote SQL Injection Vulnerability
No description provided by source. +By CrackersChild+ Portal.......: 6ALBlog All Versions Download.....: http://down.otand.com/download/code/php/blog/6alblog.rar Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote SQL Injection and Remote File...
6ALBlog Index.PHP远程文件包含漏洞
6ALBlog是一款基于PHP的WEB应用程序。 6ALBlog不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Index.PHP'脚本对用户提交的'pg'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 6ALBlog 目前没有详细解决方案提供: http://down.otand.com/download/code/php/blog/ http://www.example.com/admin/index.php?pg=Sh3ll?...
6alblog-sql.txt
+By CrackersChild+ Portal.......: 6ALBlog All Versions Download.....: http://down.otand.com/download/code/php/blog/6alblog.rar Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote SQL Injection and Remote File nclude Vulnerability Dork.........:...
6ALBlog (newsid) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================== 6ALBlog newsid Remote SQL Injection Vulnerability =================================================== +By CrackersChild+ Portal.......: 6ALBlog All Versions Download.....:...
6ALBlog - newsid SQL Injection
6ALBlog - newsid SQL Injection +By CrackersChild+ Portal.......: 6ALBlog All Versions Download.....: http://down.otand.com/download/code/php/blog/6alblog.rar Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote SQL Injection and Remote File...
6ALBlog - 'newsid' SQL Injection
+By CrackersChild+ Portal.......: 6ALBlog All Versions Download.....: http://down.otand.com/download/code/php/blog/6alblog.rar Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote SQL Injection and Remote File Ä°nclude Vulnerability Dork...........