XSRF (CSRF) in Open blog
Vulnerability ID: HTB22496 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenblog.html Product: Open Blog Vendor: Tomaz Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: CSRF Cross-Site Request...
XSS vulnerability in Open blog
Vulnerability ID: HTB22497 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinopenblog.html Product: Open Blog Vendor: Tomaz Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: Stored XSS Cross Sit...
XSS vulnerability in Open Blog
Vulnerability ID: HTB22498 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinopenblog1.html Product: Open Blog Vendor: Tomaz Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: Stored XSS Cross Si...
Open Blog 1.2.1 Cross Site Request Forgery / Cross Site Scripting
============================================== Vulnerability ID: HTB22498 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinopenblog1.html Product: Open Blog Vendor: Tomaž Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 Ju...
Open Blog v1.2.1 CSRF Vulnerability
Exploit for php platform in category web applications =================================== Open Blog v1.2.1 CSRF Vulnerability =================================== Vulnerability ID: HTB22496 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenblog.html Product: Open Blog Vendor: Tomaž Muraus...
Muraus Open Blog - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/42255/info Tomaž Muraus Open Blog is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplie...
Open Blog 1.2.1 - Cross-Site Request Forgery
Open Blog 1.2.1 - Cross-Site Request Forgery Vulnerability ID: HTB22496 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenblog.html Product: Open Blog Vendor: Tomaž Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 July 2010...
Open Blog 1.2.1 - Cross-Site Request Forgery
Vulnerability ID: HTB22496 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinopenblog.html Product: Open Blog Vendor: Tomaž Muraus http://www.open-blog.info/ Vulnerable Version: 1.2.1 and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type: CSRF Cross-Site Request...
Google Chrome Multiple Unspecified Vulnerabilities - July 10
The host is installed with Google Chrome and is prone to multiple unspecified vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultunspecifiedvulnjul10.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Unspecified Vulnerabilities - July 10 Authors: Madhuri D Copyright:...
Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
Overview The hashing algorithm that is used in the standard authentication API for VxWorks is susceptible to collisions. An attacker can brute force a password by guessing a string that produces the same hash as a legitimate password. Description An attacker with a known username and access to a...
CVE-2010-2922
SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-2922
CVE-2010-2922 describes an SQL injection in AKY Blog’s default.asp, exploitable via the id parameter to trigger remote execution of arbitrary SQL. Affected component: AKY Blog default.asp; root cause: unsanitized input being interpolated into SQL; impact: partial confidentiality, integrity, and...
CVE-2010-2922
SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary SQL commands via the id parameter...
AKY Blog SQL Injection
=================================================== AKY Blog SQL İnjection =================================================== Author : Madconfig Homepage : www.worldhackerz.com Mail : adminatworldhackerzdot.com Script : http://www.aspindir.com/indir.asp?ID=5954&sIslem=Indir Risk : No Risk Just...
Simple PHP Blog 0.4.0 - Remote Command Execution (Metasploit)
$Id: sphpblogfileupload.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
AKY Blog SQL Injection Vulnerability
Exploit for asp platform in category web applications ==================================== AKY Blog SQL Injection Vulnerability ==================================== Author : Madconfig Homepage : www.worldhackerz.com Mail : adminatworldhackerzdot.com Script :...
AKY Blog - SQL Injection
=================================================== AKY Blog SQL İnjection =================================================== Author : Madconfig Homepage : www.worldhackerz.com Mail : adminatworldhackerzdot.com Script : http://www.aspindir.com/indir.asp?ID=5954&sIslem=Indir Risk : No Risk Just...
AKY Blog - SQL Injection
AKY Blog - SQL Injection =================================================== AKY Blog SQL İnjection =================================================== Author : Madconfig Homepage : www.worldhackerz.com Mail : adminatworldhackerzdot.com Script :...
Cross-site Request Forgery (CSRF) in Open blog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open blog which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery vulnerabilities in Open blog: CVE-2010-3025 1.1 The vulnerability exists due to insufficient validati...