2399 matches found
Ublog Reload Admin Panel Multiple HTML Injections
Ublog Reload has been developed to run exclusively on web sites hosted on Windows Servers with Internet Information Server 4.0 or higher and ASP 3.0 installed. No other Platforms are supported. Ublog Reload supports Microsoft Access, Microsoft Sql...
SIP Packets Reload IOS Devices with support for SIP
Cisco devices running an affected version of Internetwork Operating System (IOS) which supports Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the device when receiving a specific series of packets destined to port 5060. This issue is compounded by a...
Cisco IOS Data-link Switching DoS
Device reload on malformed DLSw message parsing...
DLSw Vulnerability
A vulnerability exists in the Data-link Switching (DLSw) feature in Cisco IOS where an invalid value in a DLSw message could result in a reload of the DLSw device. Successful exploitation of this vulnerability requires that an attacker be able to establish a DLSw connection to the device. There are...
Design/Logic Flaw
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests...
CVE-2006-1631
The CVE-2006-1631 entry refers to a vulnerability in Cisco 11500 Series Content Services switches where the HTTP compression feature can be abused to trigger a denial-of-service (device reload) by sending certain HTTP requests (either valid but obsolete or specially crafted). Exploitation details...
Cisco IP Phones DoS
Syn-flood causes phone to reload...
CVE-2005-3426
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation...
CVE-2005-3426
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services is affected by CVE-2005-3426. The vulnerability allows remote attackers to trigger a denial of service via memory corruption during SSL session negotiation when a malformed client certificate is presented. The entry notes...
CVE-2005-3426
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation...
long sendmail timeouts let attacker prevent milter quiesce
Summary: An attacker that can predict when a milter will need to quiesce input to allow for a reload may hold open an SMTP session for several hours. This will lead to a DoS condition on the mailserver. Background: Sendmail is a popular Mail Transfer Agent (MTA), used in many large sites that requi...
Echo Security Advisory 2005.18
ECHOADV18$2005 Multiple SQL INJECTION in Ublog Reload 1.0.5 Author: Dedi Dwianto Date: June, 20th 2005 Location: Indonesia, Jakarta Web:...
CVE-2005-2009
CVE-2005-2009 affects Ublog Reload 1.0.5 with multiple SQL injection vulnerabilities. Remote attackers can potentially execute arbitrary SQL commands through (1) ci, (2) d, or (3) m parameters to index.asp, or the (4) bi parameter to blog_comment.asp. The connected documents confirm the vendor/pr...
CVE-2005-2009
Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m parameter to index.asp, or the (4) bi parameter to blog_comment.asp...
CVE-2005-2010
Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the btitle parameter...
CVE-2005-2010
XSS vulnerability CVE-2005-2010 in Ublog Reload 1.0.5 tracked via trackback.asp: an attacker can inject arbitrary script/HTML through the btitle parameter. Affected component is trackback.asp in Ublog Reload 1.0.5; root cause is improper sanitization of user-supplied input in the btitle field, en...
CVE-2005-2009
Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m parameter to index.asp, or the (4) bi parameter to blog_comment.asp...
CVE-2005-2010
Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the btitle parameter...
UApplication Ublog Reload 1.0.5 - 'Trackback.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...
Ublog Reload 1.0.5 - blog_comment.asp?y SQL Injection
source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...