CVE-2009-2552

CVE-2009-2552 affects Super Simple Blog Script 2.5.4, specifically the comments.php component. The vulnerability is described as multiple directory traversal flaws that allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter. The available sources (...

Super Simple Blog Script 2.5.4 - entry SQL Injection

Super Simple Blog Script 2.5.4 - entry SQL Injection ----------exploit Debut Remote SQL Injection Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download :...

Super Simple Blog Script 2.5.4 (entry) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Super Simple Blog Script 2.5.4 entry SQL Injection Vulnerability ================================================================== ----------exploit Debut Remote SQL...

Super Simple Blog Script 2.5.4 (entry) SQL Injection Vulnerability

No description provided by source. ----------exploit Debut Remote SQL Injection Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download :...

Super Simple Blog Script 2.5.4 - Local File Inclusion

Super Simple Blog Script 2.5.4 - Local File Inclusion ----------exploit Debut Local File Inclusion Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download :...

Super Simple Blog Script 2.5.4 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= Super Simple Blog Script 2.5.4 Local File Inclusion Vulnerability ================================================================= ----------exploit Debut Local File...

Super Simple Blog Script 2.5.4 - Local File Inclusion

----------exploit Debut Local File Inclusion Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download : http://supersimple.org/downloads/SuperSimpleBlogScriptV254.zip...

Super Simple Blog Script 2.5.4 SQL Injection

----------exploit Debut Remote SQL Injection Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download : http://supersimple.org/downloads/SuperSimpleBlogScriptV254.zip...

Super Simple Blog Script 2.5.4 Local File Inclusion Vulnerability

No description provided by source. ----------exploit Debut Local File Inclusion Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download :...

Printlog <= 0.4 (filename) Remote File Disclosure Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog = 0.4: Remote File Edition Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: Printlog $ File affected: index.php $ Version: 0.4 $ Download: http://www.hardkap.net/pritlog Found...

CVE-2008-2670

CVE-2008-2670 affects Insanely Simple Blog 0.5 and earlier. The vulnerability is SQL injection in index.php, exploitable via the id or term parameters in a search action, enabling remote arbitrary SQL execution. The current_subsection parameter is noted as covered by CVE-2007-3889. No patch/versi...

Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities

No description provided by source. / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | |&nbsp...

insanely-sql.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: Insanely Simple Blog 0.5 index...

Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== Insanely Simple Blog 0.5 index Remote SQL Injection Vulnerabilities ===================================================================== / | || | | | | | | | | /| | | |...

Insanely Simple Blog 0.5 - SQL Injection

Insanely Simple Blog 0.5 - SQL Injection / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title...

Insanely Simple Blog 0.5 - SQL Injection

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: Insanely Simple Blog 0.5 index...

Insanely simple blog - Multiple vulnerabilities

Insanely simple blog version 0.5 and below http://sourceforge.net/projects/insanelysimple2 ISB contains multple vulnerabilities including both XSS, and SQL injection. First off, the search action fails to strip user content for html allowing a user to input tags. Next, anonymous blog entries can...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the search action, possibly related to the term parameter to index.php; or 2 an anonymous blog entry, possibly involving the a postedby, b...

CVE-2007-3889

Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to execute arbitrary SQL commands via the currentsubsection parameter to index.php and other unspecified vectors...

CVE-2007-3888

Multiple cross-site scripting XSS vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the search action, possibly related to the term parameter to index.php; or 2 an anonymous blog entry, possibly involving the a postedby, b...