7699 matches found
CVE-2008-1986
CVE-2008-1986 is a reported XSS vulnerability in Blog Pixel Motion (PixelMotion) affecting the file liste_article.php. The flaw allows remote attackers to inject arbitrary web script or HTML via the jours parameter. The available sources describe the vulnerability and its impact as cross-site scr...
CVE-2008-1986
Cross-site scripting XSS vulnerability in listearticle.php in Blog Pixel Motion aka PixelMotion allows remote attackers to inject arbitrary web script or HTML via the jours parameter...
Pixel Motion Blog - list_article.php Cross-Site Scripting
Pixel Motion Blog - listarticle.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...
Pixel Motion Blog - 'list_article.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Sql injection
SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
CVE-2008-1867
SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
Authentication flaw
admin/sauvBase.php in Blog Pixel Motion aka Blog PixelMotion does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information...
CVE-2008-1868
admin/sauvBase.php in Blog Pixel Motion aka Blog PixelMotion does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information...
CVE-2008-1868
admin/sauvBase.php in Blog Pixel Motion aka Blog PixelMotion does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information...
CVE-2008-1868
CVE-2008-1868 affects Blog Pixel Motion (Blog Pixel Motion) via admin/sauvBase.php, where authentication is not required. The underlying issue allows remote attackers to trigger a database backup dump and retrieve the resulting blogPM.sql, which contains sensitive information. The vulnerability e...
CVE-2008-1867
SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
CVE-2008-1866
admin/modifconfig.php in Blog Pixel Motion aka PixelMotion does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct...
CVE-2008-1867
CVE-2008-1867 describes a SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion). The issue allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, potentially related to include/requetesIndex.php. The vulnerability affects the affected...
Design/Logic Flaw
The menu system in Drupal 6 before 6.2 has incorrect menu settings, which allows remote attackers to 1 edit the profile pages of arbitrary users, and obtain sensitive information from 2 tracker and 3 blog pages, related to a missing check for the "access content" permission; and 4 allows remote...
koobiprogal-sql.txt
Koobi Pro V6.25 gallerygalid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: galid "index.php?p=gallerypic" EXPLOiT :...
blogpixel-sql.txt
Blog Pixel Motion Sql Injection Vulnerability ------------------------------------------------------------------------------------------------- Author : parad0x Home : www.inso.host.sk Script : Blog PixelMotion Download : http://www.pixelmotion.org/zip/blog.zip...
Blog PixelMotion (index.php categorie) SQL Injection Vulnerability
No description provided by source. Blog Pixel Motion Sql Injection Vulnerability ------------------------------------------------------------------------------------------------- Author : parad0x Home : www.inso.host.sk Script : Blog PixelMotion Download : http://www.pixelmotion.org/zip/blog.zip...
Blog PixelMotion (index.php categorie) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== Blog PixelMotion index.php categorie SQL Injection Vulnerability ================================================================== Blog Pixel Motion Sql Injection...
Blog PixelMotion - 'modif_config.php' Arbitrary File Upload
------------------------------------------------------------------------- -- JIKI Team JIKO + KIl1er --- ------------------------------------------------------------------------- Author : jiko jiki team email : [email protected] Home : www.no-back.org Script : Blog PixelMotion Bug : Remote File...
Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Blog PixelMotion modifconfig.php Remote File Upload Vulnerability ====================================================================...