7698 matches found
CVE-2007-1433
Cross-site scripting XSS vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment fields to 1 scripts/addblogcomment.php and 2 detail.php...
Sql injection
SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a userdetail.php, id and 2 url parameter to b jump.php, and id variable to c detail.php...
Code injection
Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in 1 the userpermissions parameter to addusers.php, and unspecified parameters to 2 addblog.php, 3 editblog.php, 4 editlinks.php, 5 editusers.php, and 6...
CVE-2007-1432
Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in 1 the userpermissions parameter to addusers.php, and unspecified parameters to 2 addblog.php, 3 editblog.php, 4 editlinks.php, 5 editusers.php, and 6...
CVE-2007-1434
SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to a userdetail.php, id and 2 url parameter to b jump.php, and id variable to c detail.php...
CVE-2007-1432
The CVE-2007-1432 entry concerns Grayscale Blog 0.8.0 (and possibly earlier) where remote attackers can gain privileges by sending crafted requests with modified arguments to PHP scripts (add_users.php, addblog.php, editblog.php, editlinks.php, edit_users.php, add_links.php). The underlying issue...
CVE-2007-1433
CVE-2007-1433 is an XSS vulnerability affecting Grayscale Blog 0.8.0 (and possibly earlier). The issue arises in comment handling, allowing remote attackers to inject arbitrary web script or HTML via the comment fields in two pages: scripts/addblog_comment.php and detail.php. The NVD entry docume...
CVE-2007-1433
Cross-site scripting XSS vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment fields to 1 scripts/addblogcomment.php and 2 detail.php...
CVE-2007-1434
Grayscale Blog 0.8.0 (and possibly earlier) is affected by an SQL injection vulnerability. The vulnerable components are the PHP scripts userdetail.php (parameter id ), jump.php (parameter url ), and detail.php (parameter id ). Root cause: unsafely constructed SQL queries via these inputs, enabli...
BP Blog 7.0 (default.asp layout) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================================== BP Blog 7.0 default.asp layout Remote SQL Injection Vulnerability =================================================================== Script : BP Blog D0rk : "Powered by B...
BP Blog 7.0 - 'layout' SQL Injection
BeyazKurt Script : BP Blog D0rk : "Powered by BP Blog 7.0" thnx : Forever.slam and all WorldHackerz Team! WorldHackerz Mirr0r'da Taht Bizimdir h := ------- Exploit :...
BP Blog 7.0 - layout SQL Injection
BP Blog 7.0 - layout SQL Injection BeyazKurt Script : BP Blog D0rk : "Powered by BP Blog 7.0" thnx : Forever.slam and all WorldHackerz Team! WorldHackerz Mirr0r'da Taht Bizimdir h := ------- Exploit :...
Stack overflow
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or...
Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns
No description provided by source. Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0 Date : 2007-02-24 Product : Grayscale Blog Version : 0.8.0 - Prior version maybe also be affected Vendor : http://sourceforge.net/projects/gsblogger/ - http://www.karlcore.com/programming/blog/...
Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0
Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0 Date : 2007-02-24 Product : Grayscale Blog Version : 0.8.0 - Prior version maybe also be affected Vendor : http://sourceforge.net/projects/gsblogger/ - http://www.karlcore.com/programming/blog/ Vendor Status : 2007-02-24 - Not...
Grayscale Blog 0.8.0 - Security Bypass / SQL Injection / Cross-Site Scripting
Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0 Date : 2007-02-24 Product : Grayscale Blog Version : 0.8.0 - Prior version maybe also be affected Vendor : http://sourceforge.net/projects/gsblogger/ - http://www.karlcore.com/programming/blog/ Vendor Status : 2007-02-24 - Not...
Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns
Exploit for unknown platform in category web applications ==================================================================== Grayscale Blog 0.8.0 Security Bypass/SQL/XSS Multiple Remote Vulns ==================================================================== Security Advisory - Multiple...
Grayscale Blog 0.8.0 - Security Bypass SQL Injection Cross-Site Scripting
Grayscale Blog 0.8.0 - Security Bypass SQL Injection Cross-Site Scripting Security Advisory - Multiple Vulnerabilities in Grayscale Blog 0.8.0 Date : 2007-02-24 Product : Grayscale Blog Version : 0.8.0 - Prior version maybe also be affected Vendor : http://sourceforge.net/projects/gsblogger/ -...
MSMAX BLOG vulnerability generally experience-vulnerability warning-the black bar safety net
Say I have a domain name, http://www.yylover.com('s the AD: I had previously done a website but feel bad, so I want to use the BLOG program. I don't like large BLOG program, like a small BLOG. So go to chinaz. com one search the Find a suitable own ASP—BLOG program, had wanted to use PHP, but my...