31 matches found
EUVD-2006-1337
Malware in sbrugna...
EUVD-2005-0855
Malware in sbrugna...
betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload
No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...
betaparticle blog 2.0/3.0 myFiles.asp Unauthenticated File Manipulation
No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...
betaparticle blog 2.0/3.0 dbBlogMX.mdb Direct Request Database Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...
BP Blog 6.0 - id Blind SQL Injection
BP Blog 6.0 - id Blind SQL Injection --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ bp blog = 0 Exploit2: http://localhost/path/templatepermalink.asp?id=78 and exists select from TABLE Example: http://localhost/path/templatepermalink.asp?id=78 A...
BP Blog 6.0 - 'id' Blind SQL Injection
--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ bp blog = 0 Exploit2: http://localhost/path/templatepermalink.asp?id=78 and exists select from TABLE Example: http://localhost/path/templatepermalink.asp?id=78 AND SELECT Count FROM tblauthor = 0...
CVE-2006-1333
Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...
Sql injection
Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...
CVE-2006-1333
CVE-2006-1333 affects BetaParticle Blog 6.0 and earlier. The vulnerability is a set of SQL injection flaws that allow remote attackers to execute arbitrary SQL commands through the (1) id parameter to template_permalink.asp or (2) fldGalleryID parameter to template_gallery_detail.asp. The underly...
CVE-2006-1333
Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...
Advisory: BetaParticle Blog <= 6.0 Multiple Remote SQL Injection Vulnerabilities
--Security Report-- Advisory: BetaParticle Blog = 6.0 Multiple Remote SQL Injection Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 18/03/06 05:27 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: BetaParticle...
BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ==================================================================== BetaParticle Blog googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub header print "\n- NukedX Security Advisory...
BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl host path googledork: "Powered by bp blog" 9.710 pages.. use...
BetaParticle Blog 6.0 - 'fldGalleryID' SQL Injection
!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub...
CVE-2005-0854
betaparticle blog bp blog, posisbly before version 4, allows remote attackers to bypass authentication and 1 upload files via a direct request to upload.asp or 2 delete files via a direct request to myFiles.asp...
CVE-2005-0853
betaparticle blog bp blog stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to 1 dbBlogMX.mdb for versions before 3.0, or 2 Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions...
EUVD-2005-0854
betaparticle blog bp blog stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to 1 dbBlogMX.mdb for versions before 3.0, or 2 Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions...
CVE-2005-0853
betaparticle blog bp blog stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to 1 dbBlogMX.mdb for versions before 3.0, or 2 Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions...
CVE-2005-0854
betaparticle blog bp blog, posisbly before version 4, allows remote attackers to bypass authentication and 1 upload files via a direct request to upload.asp or 2 delete files via a direct request to myFiles.asp...