Vulnerabilities in lifetype

k k kkkk kk kkkk k k kkkkkk kkkkkk kkkk k k k k k k k k k k k k k k kk k k k k kk k k k k kk kkkkk k kkkkk kk kk kkkkkk k k k k k k kk k k k k k k k kk k k k k k k k k k k k k kkkk kk kkkk k k kk k k kkkk k kk k k k =- Vulnerabilities in Lifetype Author : Rusydi Hasan M a.k.a : cR45H3R Date :...

Serendipity Blog vuln

I found this while auditing serendipty blog. You need a blog account which isnt that big of deal just google all the sites that give out free blogs for this to work. After you get hte blog account you go into your admin panel where there will be config options. The mysql details are editable from...

AR-Blog 5.2 - print.php Cross-Site Scripting

AR-Blog 5.2 - print.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

AR-Blog 5.2 - 'print.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting use...

Sql injection

Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a 1 greply or 2 gpermaPost action to the blog shard engine/shards/blog.php, or a 3 gviewContent action to the content shard...

CVE-2006-1763

Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a 1 greply or 2 gpermaPost action to the blog shard engine/shards/blog.php, or a 3 gviewContent action to the content shard...

CVE-2006-1763

Summary (CVE-2006-1763) : Multiple SQL injection vulnerabilities in blur6ex v0.3.452 allow remote attackers to execute arbitrary SQL commands via the ID parameter in blog and content shards. Specifically, the issues affect engine/shards/blog.php (actions g_reply, g_permaPost) and engine/shards/co...

CVE-2006-1763

Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a 1 greply or 2 gpermaPost action to the blog shard engine/shards/blog.php, or a 3 gviewContent action to the content shard...

BPMSQL.txt

+Blog Pixel Motion +Sowtware's Web Site:www.pixelmotion.org +founded by Morocco Security Team +creetz to:SnIpErSA,Esp!onLeRaVaGe,CiM-TeaM,Kasparov,nabil,sniper,www.lezr.com and all muslim morocco +http://victim/blog/admin/index.php +user:moroccan-security //you can write any name : +pass:' or...

CVE-2006-1426

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

Sql injection

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

CVE-2006-1426

Pixel Motion Blog is affected by multiple SQL injection vulnerabilities disclosed for CVE-2006-1426. The issues allow remote attackers to execute arbitrary SQL commands through the date parameter in index.php or bypass authentication via the password parameter in admin/index.php. The NVD entry ci...

CVE-2006-1426

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

CVE-2006-1333

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

Sql injection

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

CVE-2006-1333

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

CVE-2006-1333

CVE-2006-1333 affects BetaParticle Blog 6.0 and earlier. The vulnerability is a set of SQL injection flaws that allow remote attackers to execute arbitrary SQL commands through the (1) id parameter to template_permalink.asp or (2) fldGalleryID parameter to template_gallery_detail.asp. The underly...

BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== BetaParticle Blog googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub header print "\n- NukedX Security Advisory...

BetaParticle Blog 6.0 - &#039;fldGalleryID&#039; SQL Injection

!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub...

BetaParticle Blog &lt;= 6.0 (fldGalleryID) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl host path googledork: "Powered by bp blog" 9.710 pages.. use...