7738 matches found
CVE-2008-7005
include/modules/top/1-randomquote.php in Minb Is Not a Blog minb 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotestoedit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution...
CVE-2008-7005
Minb Is Not a Blog (minb) 0.1.0 is affected by a PHP code-execution flaw in include/modules/top/1-random_quote.php, exploitable via the quotes_to_edit parameter. Remote attackers can run arbitrary PHP code. Some sources note unrestricted file upload as a potential consequence, but the direct issu...
Good fine enterprise management system injection vulnerability-vulnerability warning-the black bar safety net
Vulnerability file: en/DownloadShow.asp chinese/DownloadShow.asp The exploit: In Baidu, type: inurl:DownloadShow.asp?DownID= In Google, type: allinurl:DownloadShow.asp?DownID= Copy down the address of the search page you get. Open the D2. 3 2. Paste the address detection of the address bar you...
WordPress Hit by Password-Reset Vulnerability
Researchers are sounding the alarm for a serious administrator password-reset vulnerability affecting the latest version of WordPress, the popular open-source blog publishing platform. The flaw, which can be exploited via the browser, gives an attacker a trivial way to compromise the admin accoun...
Abroad a Blog program 0day-vulnerability warning-the black bar safety net
Author: YJPS reprint please indicate the Recently bored to go abroad on the site wandering around and see a nice Blog system, you can register the user and assign a secondary directory. The more boring it is to detect the next, the following is the analysis of the results. Site: Vulnerability...
Blink Blog SQL Injection
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
Blink Blog System (Auth Bypass) SQL Injection Vulnerability
No description provided by source. Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author:...
Blog Ink (Blink) - Multiple SQL Injections
Blog Ink Blink - Multiple SQL Injections source: https://www.securityfocus.com/bid/43284/info Blog Ink Blink is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
Blink Blog System - Authentication Bypass
Blink Blog System - Authentication Bypass Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Autho...
Blink Blog System (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Blink Blog System Auth Bypass SQL Injection Vulnerability. Salvatore "drosophila" Fresta + Application: Blink Blog Syste...
Blink Blog System - Authentication Bypass
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
Blink Blog System Authentication Bypass
Salvatore "drosophila" Fresta + Application: Blink Blog System + Version: Unknown + Website: http://blogink.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 03 Aug 2009 + Discovered by: Salvatore Fresta aka drosophila + Author: Salvatore Fresta aka drosophila + E-mai...
typecho blog system store cross-site vulnerability&easy to get webshell-vulnerability warning-the black bar safety net
author: hiphop qq group: 52938722 When reposting, please attach the source: http://hi.baidu.com/securehiphop/blog/item/f5b3627a1768bcfc0ad187f5.html Today I woke up in the morning, ate breakfast, and went to download a blog system to look at. In the admin backend, at the place for posting posts, I found that the title field didn't do better...
Miniweb 2.0 Blog Writer XSS
Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability
No description provided by source.
Magician Blog 1.0 Authentication Bypass
» Note : Been Reported The Programed...
Ultrize TimeSheet 1.2.2 Remote File Inclusion
Ultrize TimeSheet 1.2.2 Remote File Inclusion Vulnerability Software : Ultrize TimeSheet version 1.2.2 Vendor : http://www.ultrize.com/ Download : http://www.ultrize.com/timesheet/download/timeSheet-20080505.z...
Magician Blog 1.0 - Authentication Bypass
Magician Blog 1.0 - Authentication Bypass
» Note : Been Reported The...