8 matches found
EUVD-2006-0317
Malware in sbrugna...
CVE-2006-0310
Cross-site scripting XSS vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag...
Sql injection
SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2006-0311
SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2006-0311
SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2006-0312
CVE-2006-0312 affects aoblogger 2.3. A flaw in create.php allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1. The root cause is an authentication bypass in the creation flow, enabling unauthorized post creation. Affected component: creat...
CVE-2006-0311
CVE-2006-0311 is an SQL injection in aoblogger 2.3, exposed via login.php and the username parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. Reported impact aligns with CVSS base metrics (7.5: High; network vector, low complexity, no authentication). Affected...
CVE-2006-0312
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1...