Lucene search
K

3170 matches found

NVD
NVD
added 2006/09/29 12:7 a.m.12 views

CVE-2006-5086

Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to inserebase.php with modified 1 login and 2 pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not...

6.4CVSS7.8AI score0.01071EPSS
Exploits1References5
NVD
NVD
added 2006/09/29 12:7 a.m.12 views

CVE-2006-5085

Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...

7.5CVSS7.8AI score0.44361EPSS
Exploits2References6
Cvelist
Cvelist
added 2006/09/29 12:0 a.m.20 views

CVE-2006-5085

Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...

7.8AI score0.44361EPSS
Exploits2References6
CVE
CVE
added 2006/09/29 12:0 a.m.44 views

CVE-2006-5086

Blog Pixel Motion 2.1.1 is affected. The vulnerability allows remote attackers to change the admin username and password via a direct request to insere_base.php using modified (1) login and (2) pass parameters. The original researcher claimed SQL injection, but the report notes that this is not S...

6.4CVSS8.2AI score0.01071EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/09/29 12:0 a.m.41 views

CVE-2006-5085

CVE-2006-5085 affects Blog Pixel Motion 2.1.1. The vulnerability is a static code injection in config.php where the nom_blog parameter is injected into include/variables.php, enabling remote attackers to execute arbitrary PHP code. The available connected documents confirm the affected software v...

7.5CVSS7.8AI score0.44361EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2006/09/29 12:0 a.m.16 views

CVE-2006-5086

Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to inserebase.php with modified 1 login and 2 pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not...

7.8AI score0.01071EPSS
Exploits1References5
0day.today
0day.today
added 2006/09/27 12:0 a.m.39 views

Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit

Exploit for unknown platform in category web applications ================================================================= Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit ================================================================= !/usr/bin/perl Affected.scr..: Blog Pixel...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/09/27 12:0 a.m.20 views

Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit

No description provided by source. !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/09/27 12:0 a.m.29 views

Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin

Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..:...

Exploits0
Exploit DB
Exploit DB
added 2006/09/27 12:0 a.m.46 views

Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin

!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/04/01 12:0 a.m.36 views

BPMSQL.txt

+Blog Pixel Motion +Sowtware's Web Site:www.pixelmotion.org +founded by Morocco Security Team +creetz to:SnIpErSA,Esp!onLeRaVaGe,CiM-TeaM,Kasparov,nabil,sniper,www.lezr.com and all muslim morocco +http://victim/blog/admin/index.php +user:moroccan-security //you can write any name : +pass:' or...

7.4AI score
Exploits0
Prion
Prion
added 2006/03/28 8:2 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

7.5CVSS9.7AI score0.01935EPSS
Exploits1References8
NVD
NVD
added 2006/03/28 8:2 p.m.16 views

CVE-2006-1426

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

7.5CVSS8.9AI score0.01935EPSS
Exploits1References8
CVE
CVE
added 2006/03/28 8:0 p.m.45 views

CVE-2006-1426

Pixel Motion Blog is affected by multiple SQL injection vulnerabilities disclosed for CVE-2006-1426. The issues allow remote attackers to execute arbitrary SQL commands through the date parameter in index.php or bypass authentication via the password parameter in admin/index.php. The NVD entry ci...

7.5CVSS8.9AI score0.01935EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2006/03/28 8:0 p.m.20 views

CVE-2006-1426

Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the 1 date parameter in index.php or bypass authentication via the 2 password parameter in admin/index.php...

8.9AI score0.01935EPSS
Exploits1References8
securityvulns
securityvulns
added 2006/03/28 12:0 a.m.26 views

Blog Pixel Motion<=1.xx Authentication Bypass Vulnerability & SQL injection

+Blog Pixel Motion +Sowtware's Web Site:www.pixelmotion.org +founded by Morocco Security Team +creetz to:SnIpErSA,Esp!onLeRaVaGe,CiM-TeaM,Kasparov,nabil,sniper,www.lezr.com and all muslim morocco +http://victim/blog/admin/index.php +user:moroccan-security //you can write any name : +pass:' or...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/27 12:0 a.m.33 views

Pixel Motion - 'index.php?date' SQL Injection

source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/03/27 12:0 a.m.25 views

Pixel Motion - adminindex.php Multiple SQL Injections

Pixel Motion - adminindex.php Multiple SQL Injections source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/03/27 12:0 a.m.25 views

Pixel Motion - index.php?date SQL Injection

Pixel Motion - index.php?date SQL Injection source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/27 12:0 a.m.27 views

Pixel Motion - '/admin/index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.4AI score
Exploits0
Rows per page
Query Builder