CVE-2008-4616

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key...

Design/Logic Flaw

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key...

CVE-2008-4616

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key...

JVN#81490697: Movable Type cross-site scripting vulnerability

Movable Type, a web log system from Six Apart KK, contains a vulnerability resulting from the improper handling of the management page that can lead to cross-site scripting. This vulnerability is different from JVN30385652. Impact An arbitrary script may be executed on the blog administrator's we...

FC2 BLOG Cross-Site Scripting Vulnerabilities

Subject: FC2 BLOG Cross-Site Scripting Vulnerabilities Application: FC2 BLOG Vendor:BLOG.FC2.COM Corporation: FC2, Inc. DATE : 9 Oct 2008 Description: FC2 BLOG Cross-Site Scripting Vulnerabilities Vulnerability: ============== They do not properly sanitize the potentially malicious input content ...

fc2blog-xss.txt

Subject: FC2 BLOG Cross-Site Scripting Vulnerabilities Application: FC2 BLOG Vendor:BLOG.FC2.COM Corporation: FC2, Inc. DATE : 9 Oct 2008 Description: FC2 BLOG Cross-Site Scripting Vulnerabilities Vulnerability: ============== They do not properly sanitize the potentially malicious input content ...

printlog-disclose.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog eNYe-Sec - www.enye-sec.org -- Description by the author's page -- PRITLOG is an extremely simple, small and powerful blog system. It does not use or need a MYSQL database and fully works based on flat files. The idea is derived from a...

Printlog <= 0.4 (filename) Remote File Disclosure Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog = 0.4: Remote File Edition Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: Printlog $ File affected: index.php $ Version: 0.4 $ Download: http://www.hardkap.net/pritlog Found...

Pritlog 0.4 - Filename Remote File Disclosure

Pritlog 0.4 - Filename Remote File Disclosure -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog eNYe-Sec - www.enye-sec.org -- Description by the author's page -- PRITLOG is an extremely simple, small and powerful blog system. It does not use or need a MYSQL database and fully works bas...

Z-Blog infinite loop vulnerability attack caused by blog with frequent pop-vulnerability warning-the black bar safety net

Writing a blog is now a lot of people part of every day life, many users like to record diary-like intentions in a blog to record their life and thoughts, but the blog as a personal Journal seems to be on the safe side by a lot of users ignore, personal blog security really can be ignored? A lot ...

dieselpay-sql.txt

Diesel Pay Script index.php area sql inj http://www.dieselscripts.com ---------------------------------------------------------- Discovered By: ZoRLu Date: 20.09.2008 contact: [email protected] contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA :...

Be careful Baidu blog rss leak your blog secrets-the vulnerability warning-the black bar safety net

If you apply for a Baidu blog, then in Settings-Display Options-article display options for full-text or summary, then you want to hide the articles through the rss to be seen. For the time being the solution is: Settings--Display Options--article display options to the title, so bad intentions o...

Simple PHP Blog config/users.php Arbitrary User Password Hash Disclosure

The version of Simple PHP Blog installed on the remote host allows an unauthenticated, remote attacker to retrieve information about non-admin users defined to the application, including their user names and password hashes, which could in turn be used to gain access to the application. While the...

Simple PHP Blog Detection

The remote host is running Simple PHP Blog, an open source blog application that uses flat text files. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34109; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...

e107be-sql.txt

!/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my lovely friends hadiaryaie2004 &...

jobsitepro-xsrf.txt

JobSitePro CSRF Vulnerability By: e.wiZz! Info: Bosnian Idiot FTW! Blog: infected.blogger.ba In the wild... Site: http://phplabs.com/demo/jobsitepro/ CSRF on demo site:...

e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit

No description provided by source. !/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my love...

e107 Plugin BLOG Engine 2.2 - 'uid' SQL Injection

!/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my lovely friends hadiaryaie2004 &...

e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================= e107 Plugin BLOG Engine 2.2 uid SQL Injection Exploit ======================================================= !/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit special...

Simple PHP Blog (SPHPBlog) <= 0.5.1 Code Execution Exploit

No description provided by source. ? / sIMPLE php bLOG 0.5.0 eXPLOIT bY mAXzA 2008 / function curl$url,$postvar global $cook; $ch = curlinit $url ; curlsetopt $ch, CURLOPTRETURNTRANSFER, 1; curlsetopt $ch, CURLOPTHEADER, 1; curlsetopt $ch, CURLOPTREFERER,"$url"; if strlen$postvar3 $postvar="123";...