149 matches found
BLOB Blog System Version Detection
This script detects the installed version of BLOB Blog System. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site scripting
Cross-site scripting XSS vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter...
CVE-2009-3594
Cross-site scripting XSS vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter...
CVE-2009-3594
Cross-site scripting XSS vulnerability in bpost.php in BLOB Blog System before 1.2 allows remote attackers to inject arbitrary web script or HTML via the postid parameter...
CVE-2009-3594
CVE-2009-3594 is a cross-site scripting (XSS) vulnerability in BLOB Blog System, affecting versions before 1.2. The issue arises in bpost.php via the postid parameter, enabling remote attackers to inject arbitrary script/HTML. The NVD/OpenVAS entries corroborate a non-authenticated web parameter ...
Blink Blog SQL Injection
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
Blink Blog System (Auth Bypass) SQL Injection Vulnerability
No description provided by source. Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author:...
Blink Blog System (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== Blink Blog System Auth Bypass SQL Injection Vulnerability =========================================================== Salvatore "drosophila" Fresta + Application: Blink Blog Syste...
Blink Blog System Authentication Bypass
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
Blink Blog System - Authentication Bypass
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
Blink Blog System - Authentication Bypass
Blink Blog System - Authentication Bypass Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Autho...
WordPress口令重置用户名枚举漏洞
BUGTRAQ ID: 35581 CVECAN ID: CVE-2009-2335,CVE-2009-2336 WordPress是一款免费的论坛Blog系统。 WordPress对于使用已有的用户名和不存在用户名的登录尝试会返回不同的结果,这降低了暴力猜测攻击的复杂性;此外在使用口令重置界面请求新口令的时候,对于已有的和不存在的用户名也会返回不同的结果。 WordPress WordPress 2.6.5 WordPress WordPress MU 2.7.1 WordPress ---------...
typecho blog system store cross-site vulnerability&easy to get webshell-vulnerability warning-the black bar safety net
author:hiphop qq group:5 2 9 3 8 7 2 2 转 帖 请 附上 来源 :http://hi.baidu.com/securehiphop/blog/item/f5b3627a1768bcfc0ad187f5.html Today Wake up in the morning eat Breakfast go to download a set of blogs to look at In the admin backend post post place found to the title place the title didn't do better...
PJBlog个人博客系统cls_logAction.asp文件存在注入漏洞
PJBlog一套开源免费的中文个人博客系统程序,采用asp+Access的技术,具有相当高的运作效能以及更新率,也支持目前Blog所使用的新技术。 在文件class/clslogAction.asp中: oldcate=request.form"oldcate" //第429行 oldctype=request.form"oldtype" D = conn.execute"select catePart from blogCategory where cateID="&oldcate0 程序没有对变量oldcate做任何过滤放入sql查询语句中,导致注入漏洞的产生。 PJBlog...
PHP-Fusion Mod TI Blog System SQL Injection
PHP-Fusion Mod TI - Blog System Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download :...
PHP-Fusion Mod TI - id SQL Injection
PHP-Fusion Mod TI - id SQL Injection PHP-Fusion Mod TI - Blog System Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download :...
PHP-Fusion Mod TI (id) Remote SQL Injection Vulnerability
No description provided by source. PHP-Fusion Mod TI - Blog System Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download :...
PHP-Fusion Mod TI (id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= PHP-Fusion Mod TI id Remote SQL Injection Vulnerability ========================================================= PHP-Fusion Mod TI - Blog System Sql Injection AUTHOR : Sina...
PHP-Fusion Mod TI - 'id' SQL Injection
PHP-Fusion Mod TI - Blog System Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download :...
Sql injection
SQL injection vulnerability in blog.php in the Team Impact TI Blog System mod for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the id parameter...