EUVD-2005-0855

Malware in sbrugna...

EUVD-2006-1337

Malware in sbrugna...

betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

betaparticle blog 2.0/3.0 dbBlogMX.mdb Direct Request Database Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

betaparticle blog 2.0/3.0 myFiles.asp Unauthenticated File Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

BP Blog 6.0 - id Blind SQL Injection

BP Blog 6.0 - id Blind SQL Injection --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ bp blog = 0 Exploit2: http://localhost/path/templatepermalink.asp?id=78 and exists select from TABLE Example: http://localhost/path/templatepermalink.asp?id=78 A...

BP Blog 6.0 - 'id' Blind SQL Injection

--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ bp blog = 0 Exploit2: http://localhost/path/templatepermalink.asp?id=78 and exists select from TABLE Example: http://localhost/path/templatepermalink.asp?id=78 AND SELECT Count FROM tblauthor = 0...

Sql injection

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

CVE-2006-1333

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

CVE-2006-1333

Multiple SQL injection vulnerabilities in BetaParticle Blog 6.0 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to templatepermalink.asp or 2 fldGalleryID parameter to templategallerydetail.asp...

CVE-2006-1333

CVE-2006-1333 affects BetaParticle Blog 6.0 and earlier. The vulnerability is a set of SQL injection flaws that allow remote attackers to execute arbitrary SQL commands through the (1) id parameter to template_permalink.asp or (2) fldGalleryID parameter to template_gallery_detail.asp. The underly...

Advisory: BetaParticle Blog <= 6.0 Multiple Remote SQL Injection Vulnerabilities

--Security Report-- Advisory: BetaParticle Blog = 6.0 Multiple Remote SQL Injection Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 18/03/06 05:27 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: BetaParticle...

BetaParticle Blog <= 6.0 (fldGalleryID) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== BetaParticle Blog googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub header print "\n- NukedX Security Advisory...

BetaParticle Blog 6.0 - &#039;fldGalleryID&#039; SQL Injection

!/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl googledork: "Powered by bp blog" 9.710 pages.. use IO::Socket; if@ARGV != 2 usage; else exploit; sub...

BetaParticle Blog &lt;= 6.0 (fldGalleryID) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=20 Usage: beta.pl host path googledork: "Powered by bp blog" 9.710 pages.. use...

CVE-2005-0853

betaparticle blog bp blog stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to 1 dbBlogMX.mdb for versions before 3.0, or 2 Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions...

CVE-2005-0854

betaparticle blog bp blog, posisbly before version 4, allows remote attackers to bypass authentication and 1 upload files via a direct request to upload.asp or 2 delete files via a direct request to myFiles.asp...

CVE-2005-0853

betaparticle blog bp blog stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to 1 dbBlogMX.mdb for versions before 3.0, or 2 Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions...

CVE-2005-0853

The CVE-2005-0853 entry concerns betaparticle blog (bp blog) where the database files are stored under the web root, enabling direct access to sensitive data via HTTP requests. Affected files are (1) dbBlogMX.mdb for versions before 3.0, or (2) Blog.mdb for versions 3.0 and later, with vector 2 a...

CVE-2005-0854

betaparticle blog bp blog, posisbly before version 4, allows remote attackers to bypass authentication and 1 upload files via a direct request to upload.asp or 2 delete files via a direct request to myFiles.asp...