WordPress Blog Manager Light Plugin <= 1.20 is vulnerable to Cross Site Request Forgery (CSRF)

Software Blog Manager Light Type Plugin Vulnerable versions = 1.20 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45102 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e898fef1cf21 Credits Mika Required...

Blog Manager inc_webblogmanager.asp ItemID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...

Blog Manager inc_webblogmanager.asp CategoryID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...

DMXReady Blog Manager <= 1.1 - Remote File Delete Vulnerability

No description provided by source. Title : DMXReady Blog Manager = 1.1 Remote Files Delete Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 199.97 $ Dork : inurl:incwebblogmanager.asp DorkEx :...

CVE-2009-0338

Cross-site scripting XSS vulnerability in incwebblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action...

CVE-2009-0339

SQL injection vulnerability in incwebblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action...

Sql injection

SQL injection vulnerability in incwebblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action...

Cross site scripting

Cross-site scripting XSS vulnerability in incwebblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action...

CVE-2009-0338

The CVE-2009-0338 issue targets DMXReady Blog Manager, specifically the inc_webblogmanager.asp component. The vulnerability is a Cross-site Scripting (XSS) flaw that allows an attacker to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. Impact is described as en...

CVE-2009-0339

SQL injection vulnerability in incwebblogmanager.asp in DMXReady Blog Manager allows remote attackers to execute arbitrary SQL commands via the itemID parameter in a view action...

CVE-2009-0339

The CVE-2009-0339 entry concerns a SQL injection in inc_webblogmanager.asp of the DMXReady Blog Manager, exploitable via the itemID parameter in a view action. This vulnerability allows remote attackers to execute arbitrary SQL commands, with potential impact on confidentiality, integrity, and av...

Blog Manager - categoryId Cross-Site Scripting

Blog Manager - categoryId Cross-Site Scripting source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting thes...

Blog Manager - ItemID SQL Injection

Blog Manager - ItemID SQL Injection source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues...

DMXReady Blog Manager &#40;SQL/XSS&#41;

--------------------------------------------------------- Portal Name: DMXReady Blog Manager SQL/XSS Vendor : http://www.galaxyscripts.com Author : PouyaServer , [email protected] Aria-Security.Net Vulnerability : SQL/XSS --------------------------------------------------------- SQL:...

Blog Manager - &#039;categoryId&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...

Blog Manager - &#039;ItemID&#039; SQL Injection

source: https://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal...

DMXReady Blog Manager XSS / SQL Injection

--------------------------------------------------------- Portal Name: DMXReady Blog Manager SQL/XSS Vendor : http://www.galaxyscripts.com Author : PouyaServer , [email protected] Aria-Security.Net Vulnerability : SQL/XSS --------------------------------------------------------- SQL:...

DMXReady Blog Manager 1.1 File Deletion

Title : DMXReady Blog Manager ajann Exp Delete File : Form Action: http://target/path/includes/sharedscripts/wysiwygeditor/assetmanager/assetmanager.asp?ffilter= Delete File Path: etc...

DMXReady Blog Manager <= 1.1 Remote File Delete Vulnerability

Exploit for unknown platform in category web applications ============================================================= DMXReady Blog Manager ajann Exp Delete File : Form Action: http://target/path/includes/sharedscripts/wysiwygeditor/assetmanager/assetmanager.asp?ffilter= Delete File Path:...

DMXReady Blog Manager &lt;= 1.1 Remote File Delete Vulnerability

No description provided by source. Title : DMXReady Blog Manager = 1.1 Remote Files Delete Vulnerability Author : "ajann" from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 199.97 $ Dork : inurl:incwebblogmanager.asp DorkEx :...