EUVD-2018-2810

Malware in sbrugna...

Code Execution Vulnerability in Axublog 1.1.2

Axublog is a PHP personal blog system. A code execution vulnerability exists in Axublog 1.1.2, which can be exploited by an attacker to execute remote code...

Axublog 1.1.0 存在sql注入漏洞

...

SQL Injection Vulnerability in Axublog Version 1.1.0

Axublog is a PHP personal blog system. A SQL injection vulnerability exists in Axublog version 1.1.0. An attacker can exploit the vulnerability to obtain sensitive database information...

Axublog Code Execution Vulnerability

Axublog is a lightweight blogging system based on PHP and MySQL. A security vulnerability exists in Axublog version 1.1.0. A remote attacker can exploit this vulnerability by injecting PHP code into the cmsconfig.php file to execute code...

Design/Logic Flaw

Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code contained in the webkeywords parameter into the cmsconfig.php file...

CVE-2018-10740

Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code contained in the webkeywords parameter into the cmsconfig.php file...

CVE-2018-10740

Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code contained in the webkeywords parameter into the cmsconfig.php file...

CVE-2018-10740

Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code contained in the webkeywords parameter into the cmsconfig.php file...

CVE-2018-10740

CVE-2018-10740 affects Axublog 1.1.0 and allows remote code execution by injecting PHP code into cmsconfig.php via the webkeywords parameter. Documented impact is at least partial confidentiality, integrity, and availability (CVSS v3: 9.8, CRITICAL; CVSS v2: 7.5, HIGH). The vulnerability arises f...

SQL Injection Vulnerability in Axublog (search.php)

Axublog is a PHP personal blog system. Axublog search.php suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to bypass filtering and perform direct injection to obtain sensitive database information...

Information Disclosure Vulnerability in Axublog dbbackup/code.php Page

Axublog is a PHP personal blog system. An information disclosure vulnerability exists in the Axublog dbbackup/code.php page. The vulnerability is due to the database backup management tool does not perform password authentication, an attacker can script to view the administrator has backed up the...

Code Execution Vulnerability in axublog Website Builder v1.1.0

Axublog is a PHP personal blog system. Axublog website builder system v1.1.0 version of the background there is a code execution vulnerability, the vulnerability stems from the user-supplied input is not sufficiently filtered, an attacker can exploit the vulnerability to execute arbitrary code...

Arbitrary File Read and Code Execution Vulnerability in Axublog Blog System

Axublog is a PHP personal blog system. An arbitrary file read and code execution vulnerability exists in version 1.0.7 of the Axublog blogging system, which is caused by the system's failure to adequately filter and validate paths and content. An attacker can use this vulnerability to read...

Code execution vulnerability in Axublog ad/theme.php file

Axublog is a PHP personal blog system. A code execution vulnerability exists in the Axublog ad/theme.php file. The vulnerability is due to the program failing to filter the parameters passed, an attacker can exploit the vulnerability to construct a specially crafted file, upload a shell, and obta...

SQL Injection Vulnerability in Axublog v1.0.6 hit.php Page

Axublog is a PHP personal blog system. A SQL injection vulnerability exists in the Axublog v1.0.6 hit.php page. An attacker can exploit this vulnerability to obtain sensitive database information...

Reflected Cross-Site Scripting Vulnerability in Axublog go/index.php Page

Axublog is a PHP personal blog system. A reflective cross-site scripting vulnerability exists in the Axublog go/index.php page. An attacker can construct XSS statements and perform pop-up box operations to obtain user cookies and other information...

Cross-site scripting vulnerability in Axublog art.php

Axublog is a PHP personal blog system. A cross-site scripting vulnerability exists in Axublog art.php due to the system failing to filter incoming parameters. An attacker can exploit this vulnerability to plant cross-site code and obtain sensitive information such as administrator cookies...

SQL Injection Vulnerability in Axublog Blog System

axublog is a PHP personal blog system. A SQL injection vulnerability exists in the Axublog blog system. An attacker can exploit this vulnerability to obtain sensitive information from the database...

SQL Injection Vulnerability in the Frontend of Axublog Blog System

axublog is a PHP personal blog system. A SQL injection vulnerability exists in the frontend of the Axublog blog system. An attacker can exploit this vulnerability to obtain sensitive database information...