7701 matches found
EZ-Blog 1b Delete All Posts / SQL Injection Vulnerabilities
No description provided by source. Salvatore "drosophila" Fresta Application: EZ-Blog http://sourceforge.net/projects/ez-blog/ Version: Beta 1 Bug: Multiple SQL Injection Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta e-mai...
EZ-Blog 1b Delete All Posts / SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications =========================================================== EZ-Blog 1b Delete All Posts / SQL Injection Vulnerabilities =========================================================== Salvatore "drosophila" Fresta Application: EZ-Blog...
EZ-Blog beta1 - Delete All Posts SQL Injection
EZ-Blog beta1 - Delete All Posts SQL Injection Salvatore "drosophila" Fresta Application: EZ-Blog http://sourceforge.net/projects/ez-blog/ Version: Beta 1 Bug: Multiple SQL Injection Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila"...
EZ-Blog 1b SQL Injection
Salvatore "drosophila" Fresta Application: EZ-Blog http://sourceforge.net/projects/ez-blog/ Version: Beta 1 Bug: Multiple SQL Injection Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta e-mail: [email protected] - BUGS S...
EZ-Blog beta1 - Delete All Posts / SQL Injection
Salvatore "drosophila" Fresta Application: EZ-Blog http://sourceforge.net/projects/ez-blog/ Version: Beta 1 Bug: Multiple SQL Injection Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore "drosophila" Fresta Author: Salvatore "drosophila" Fresta e-mail: [email protected] - BUGS S...
Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities
No description provided by source. ================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS ================================================================================ Application: Irokez Blog ------------ Websit...
Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== Irokez BLog 0.7.3.2 XSS/RFI/BSQL Multiple Remote Vulnerabilities ==================================================================...
Irokez Blog 0.7.3.2 XSS / RFI / SQL Injection
================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS ================================================================================ Application: Irokez Blog ------------ Website: http://irokez.org --------...
Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities
Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/33931/info Irokez Blog is prone to multiple input-validation vulnerabilities: - A cross-site scripting issue - An SQL-injection issue - Multiple remote file-include issues Exploiting these...
irokez blog 0.7.3.2 - Cross-Site Scripting / Remote File Inclusion / Blind SQL Injection
================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS ================================================================================ Application: Irokez Blog ------------ Website: http://irokez.org --------...
irokez blog 0.7.3.2 - Cross-Site Scripting Remote File Inclusion Blind SQL Injection
irokez blog 0.7.3.2 - Cross-Site Scripting Remote File Inclusion Blind SQL Injection ================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS...
Scrubbr: Stored XSS flaw finder
The HP Security Labs blog is pointing to a new database scanning tool called “Scrubbr” that can help check numerous database technologies for the presence of possible stored cross-site scripting attacks. Scrubbr is described as a Java program which connects to your database MySQL 5+, M...
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/blockhtml.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when t...
Squid 3.1 5 - HTTP Version Number Parsing Denial of Service
Squid 3.1 5 - HTTP Version Number Parsing Denial of Service #!/usr/bin/perl -w Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0478 https://www.securityfocus.com/bid/33604/discuss $$$$$This was strictly written for educational purpose. Use it at your own risk.$$$$$ $$$$$Author...
SocialEngine Blog Plugin category_id Parameter SQL Injection
The remote host is running SocialEngine, a PHP-based social network platform. The version of the Blog plugin for SocialEngine installed on the remote host fails to sanitize input to the 'category_id' parameter of the 'blog.php' script before using it to construct database queries. Regardless of...
GR Blog 1.1.4 (Upload/Bypass) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= GR Blog 1.1.4 Upload/Bypass Multiple Remote Vulnerabilities ============================================================= // TEST ON VERSION GR Blog v1.1.4, in my localhost // +...
GR Blog 1.1.4 (Upload/Bypass) Multiple Remote Vulnerabilities
No description provided by source. GR Blog v1.1.4 Upload/Bypass Multiple Remote Vulnerabilities Author: Jose Luis Gongora Fernandez a.k.a JosS sys-projectathotmail.com Web: http://hack0wn.com/ // TEST ON VERSION GR Blog v1.1.4, in my localhost Download :...
CVE-2009-0383
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote attackers to delete arbitrary blog posts via a direct request...