sphpblog051-multi.txt
Title: Simple PHP Blog sphpblog Released on: 2007/10/21 Changelog: ---------- L M H T Summary: Ip Spoofing X X Cross Site Scripting X X Session Fixation X X mail CRLF Injection X Local File Inclusion +CSRF X X File Deletion +CSRF X X File Upload Vulnerability X X Code Execution +CSRF X X Legend: ...
Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities
Exploit for unknown platform in category web applications. Simple PHP Blog (sphpblog) <= 0.5.1 Multiple Vulnerabilities. Title: Simple PHP Blog sphpblog <= 0.5.1 Multiple...
Simple PHP Blog (sPHPblog) 0.5.1 - Multiple Vulnerabilities
Title: Simple PHP Blog sphpblog Released on: 2007/10/21 Changelog: ---------- L M H T Summary: Ip Spoofing X X Cross Site Scripting X X Session Fixation X X mail CRLF Injection X Local File Inclusion +CSRF X X File Deletion +CSRF X X File Upload Vulnerability X X Code Execution +CSRF X X Legend: ...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php...
CVE-2007-5572
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php...
CVE-2007-5572
The provided records identify CVE-2007-5572 as CSRF vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9. The affected component is the blog’s admin-facing functionality, where remote attackers could trigger delete actions by supplying (1) block_id to add_block.php or (2) link_id to add_link.php. ...
PT-2007-6587 · Php · Sphpblog
Name of the Vulnerable Software and Affected Versions: PHPBlog version 0.1 Alpha Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the blog localpath parameter to includes/functions.php or includes/email.php. However, it is noted that this issue is disputed...
Sql injection
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action...
CVE-2007-5272
SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute arbitrary SQL commands via the id parameter in a goster kat action...
CVE-2007-5272
CVE-2007-5272 is a SQL injection in kategori.asp of Furkan Tastan Blog, exploitable remotely via the id parameter in a goster kat action. Root cause is unsanitized/unsafe input leading to arbitrary SQL execution; impact includes partial disclosure, modification, and potential disruption. Exploita...
Furkan Tastan Blog Remote SQL Injection Vulnerability
No description provided by source. Title : Furkan Taştan Blog Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://furkantastan.somee.com/blog Script Download Page: : http://www.aspindir.com/indir.asp?ID=5152 Vuln. Username :...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurnerFeedSmithPlugin.php, as demonstrated by the ...
CVE-2007-5229
Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurnerFeedSmithPlugin.php, as demonstrated by the ...
Furkan Tastan Blog Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Furkan Tastan Blog Remote SQL Injection Vulnerability. Title : Furkan Tastan Blog Remote SQL Injection Vulnerability Author :...
furkan-sql.txt
Title : Furkan Taştan Blog Remote SQL Injection Vulnerability Author : CyberGhost Demo Page : http://furkantastan.somee.com/blog Script Download Page: : http://www.aspindir.com/indir.asp?ID=5152 Vuln. Username : /kategori.asp?kat=goster&id=-1+union+select+0,1,adkull,3,4,5,6,7,8+from+ayar Password...
CVE-2007-5161
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...
Cross site scripting
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...