7736 matches found
Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection
No description provided by source. + Exploit: Cells v3.3 XSS Reflected & Blind SQLite Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + version: Cells Blog 3.3 + Vendor Homepage: http://cells.tw + 14/01/2014 vendor contacted + 17/01/2014 no response from vendor +...
Shimbi CMS Multiple SQL Injection Vulnerabilities
No description provided by source. Title : Shimbi CMS Vulnerable to Multiple SQL Injections Vendor : http://www.shimbi.in/ Found by : p0pc0rn Dork : intext:Powered By Shimbi CMS SQL Injection in details.php parameter --------------------------------------- http://site.com/details.php?id=sql POC -...
Mango Blog 1.4.1 'archives.cfm/search' Cross Site Scripting Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-87080' vul ID version = '1' author = 'fenghh' vulDate = '2010-03-03' createDate =...
AndoNET Blog 2004.9.2 Comentarios.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16393/info AndoNET Blog is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Open Blog 1.2.1 - CSRF Vulnerability
No description provided by source...
Odysseus Blog 1.0 Blog.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21128/info Odysseus Blog is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
MyBlog <= 0.9.8 Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= MyBlog = 0.9.8: PHP and MySQL Blog/CMS software / Cookie poisioning -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: MyBlog $ File affected: all /admin/.php files...
RI Blog 1.3 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21880/info RI Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
Pixie 1.04 - Blog Post CSRF
No description provided by source...
Simple PHP Blog 0.4 colors.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15283/info Simple PHP Blog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...
ASP Simple Blog 3.0 - Upload shell Vulnerability
No description provided by source...
makit news/blog poster 3.1 - DB Download Vulnerability
No description provided by source...
Palm Pre WebOS <= 1.1 - Remote File Access Vulnerability
No description provided by source. I. Description The Palm Pre WebOS =1.1 suffers from a JavaScript injection attack that allows a malicious attacker to access any file on the mobile device. Palm has patched this vulnerability and all users are recommended to upgrade to WebOS version 1.2+. Palm...
Blog Manager inc_webblogmanager.asp ItemID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/33314/info DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues coul...
Chipmunk Blog archive.php membername Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29883/info Chipmunk Blog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...
Invision Community Blog Mod 1.2.4 - SQL Injection Vulnerability
No description provided by source. 1. Open any blog entry 2. Try to reply to any message 3. Push Preview message button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string input type='hidden' name='eid' value='BLOGENTRYID' / 6. Change BLOGENTRYID with this SQL...
Insanely Simple Blog 0.4/0.5 Blog Anonymous Blog Entry XSS
No description provided by source. source: http://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize...
PluggedOut Blog 1.9.x Index.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15746/info PluggedOut Blog is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Chipmunk Blog comments.php membername Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29883/info Chipmunk Blog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...
A-Blog 1.0 Unspecified Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21716/info The 'a-blog' application is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script cod...