2399 matches found
[SA15747] Ublog Reload SQL Injection and Cross-Site Scripting
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Ublog Reload 1.0.5 - 'blog_comment.asp?y' SQL Injection
source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...
Ublog Reload 1.0.5 - 'index.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...
CVE-2005-1426
Affected software: Ublog Reload (Uapplication Ublog Reload). Vulnerable component: mdb-database/blog.mdb (aka blog.msb) exposed under the web root. Root cause: insufficient access control in the web root enables direct HTTP retrieval of the database by remote attackers. Impact: potential unauthor...
CVE-2005-1426
Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb aka mdb-database/blog.msb...
CVE-2005-1426
Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb aka mdb-database/blog.msb...
CVE-2005-0925
Cross-site scripting XSS vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2005-0938
Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb...
CVE-2005-1020
Secure Shell SSH 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service device reload 1 via a username that contains a domain name when using a TACACS+ server to authenticate, 2 when a new SSH session is in the login phase and a currently logged in user issues a sen...
Cisco routers IOS ssh DoS
Bugs in ssh in conbination with TACACS+ causes router to hang or reload...
[PersianHacker.NET 200503-11]Ublog reload 1.0.4 and prior Multiple Vulnerbilities
PersianHacker.NET 200503-11Ublog reload 1.0.4 and prior Multiple Vulnerbilities Date: 2005 03 Bug Number: 11 Ublog Ublog reload is a complete ASP weblog system. More info @: http://www.uapplication.com Discussion: -------------------- What are the bugs ? 1 Cross-Site Scripting that lets attackers...
CVE-2005-0938
The CVE concerns Ublog Reload 1.0–1.0.4, where the application stores ublogreload.mdb under the web root. This enables an attacker to read usernames and hashed passwords by making a direct request to ublogreload.mdb, exposing authentication data. The underlying issue is exposure of the MDB databa...
CVE-2005-0938
Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb...
CVE-2005-0925
Cross-site scripting XSS vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2005-0925
CVE-2005-0925 affects Ublog Reload 1.0–1.0.4. Affected component: login.asp, vulnerable parameter: msg, enabling Cross‑site Scripting (XSS) by remote attackers to inject arbitrary script/HTML. Impact aligns with partial integrity concerns and no confidentiality/availability loss per CVSS—base 4.3...
CVE-2004-1454
Cisco IOS CVE-2004-1454 affects IOS trains based on 12.0S, 12.2, and 12.3 where OSPF is enabled. A malformed OSPF packet can be used by a remote attacker to cause a denial of service (device reload). Several sources corroborate that the vulnerability arises from OSPF packet handling and that the ...
CVE-2005-0197
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching MPLS installed but disabled, allows remote attackers to cause a denial of service device reload via a crafted packet sent to the disabled interface...
CVE-2005-0196
Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service device reload via a malformed BGP packet...
Multiple Crafted IPv6 Packets Cause Reload
...
Cisco IOS Misformed BGP Packet Causes Reload
...