11 matches found
EUVD-2008-0407
Malware in sbrugna...
CVE-2008-4784
aflog 1.01 allows remote attackers to bypass authentication and gain administrative access by setting the aflogautha cookie to "A" or "O" in 1 editdelete.php, 2 editcat.php, 3 editlock.php, and 4 editform.php...
aflog-insecure.txt
aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies url: http://www.aflog.org/download.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not...
aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities
aflog 1.01 - Multiple Insecure Cookie Handling Vulnerabilities aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies url: http://www.aflog.org/download.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for...
aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies
Exploit for unknown platform in category web applications ========================================================== aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies ========================================================== aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies url...
CVE-2008-0398
Cross-site scripting XSS vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form...
Sql injection
Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via 1 the id parameter to comments.php and 2 an unspecified parameter to view.php...
Cross site scripting
Cross-site scripting XSS vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form...
CVE-2008-0398
The CVE-2008-0398 entry describes a Cross-site scripting (XSS) vulnerability in aflog 1.01 and possibly earlier versions. The issue allows remote attackers to inject arbitrary web script or HTML via the comment form . According to the NVD entry, the CVSSv2 base score is 4.3 (Medium) with vector A...
aflog 1.01 comments.php XSS / SQL Injection Vulnerability
No description provided by source. Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/ Vulnerability type: SQL Injection comments.php and XSS Author: shinmai, 2008-01-22 Description: SQL INJECTION: SQL injection is possible in comments.php for the GET variable 'id', like this:...
aflog 1.01 comments.php XSS / SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= aflog 1.01 comments.php XSS / SQL Injection Vulnerability ========================================================= Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/...