48 matches found
EUVD-2008-6408
Malware in sbrugna...
EUVD-2006-1147
Malware in sbrugna...
EUVD-2008-2450
Malware in sbrugna...
BlogEngine 输入验证错误漏洞
BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and so on. BlogEngine.NET v3.3.8.0 version of a security vulnerability , the vulnerability stems from the ability to create any folder with the prefix "files" under /AppData/...
Node.js third-party modules: Stored XSS (Hexo-admin plugin)
I would like to report Stored XSS in Hexo-admin It allows The Post editor functionality in the hexo-admin plugin 3.9.0 for Node.js is vulnerable to stored XSS via the content of a post. Module module name: Hexo-admin version: 3.9.0 npm page: https://www.npmjs.com/package/hexo-admin Module...
Cross-Site Scripting (XSS)
forkcms has cross-site scripting XSS vulnerability. The vulnerability is possible because the value returned by the getAllComments function in Frontend/Modules/Blog/Engine/Model.php is not properly escaped, allowing a malicious user to inject and execute arbitrary web script...
E107 BLOG Engine Plugin Remote SQL Injection (CVE-2008-6438)
An SQL injection vulnerability has been reported in E107coders Macguru Blog Engine Plugin. An attacker could exploit this vulnerability via the uid parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
E107 BLOG Engine Plugin SQL Injection (CVE-2008-2455)
An SQL injection vulnerability has been reported in E107coders E107 Blog Engine. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Joomla Component Amblog 1.0 - Multiple SQL Injection Vulnerabilities
No description provided by source. Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities Name Amblog Vendor http://robitbt.hu Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-08-10 X...
e107 Plugin BLOG Engine 2.1.4 - Remote SQL Injection Vulnerability
No description provided by source. e107 Plugin macgurublogmenu macgurublog.php uid Remote Sql inj author: ZoRLu home: z0rlu.blogspot.com concat: [email protected] date: 28/10/2008 n0te: YALNIZLIK YiTiRDi ANLAMINI YALNIZLIGIMDA : n0te: a.q kpss : dork: allinurl:macgurublog.php?uid= exploit:...
Geeklog Detection
The remote host is running Geeklog, an open source blog engine / content management system written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid36143; scriptversion"1.15"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
Sql injection
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
The provided data confirms a concrete SQL injection vulnerability in the MacGuru BLOG Engine plugin for e107 (MacGuru Blog Engine). Affected component: macgurublog_menu/macgurublog.php (v2.2, with note that 2.1.4 is also affected) and, per related entries, comment.php. Root cause: unsanitized inp...
e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability
No description provided by source. e107 Plugin macgurublogmenu macgurublog.php uid Remote Sql inj author: ZoRLu home: z0rlu.blogspot.com concat: [email protected] date: 28/10/2008 n0te: YALNIZLIK YiTiRDi ANLAMINI YALNIZLIGIMDA : n0te: a.q kpss : dork: allinurl:"macgurublog.php?uid=" exploit:...
e107 Plugin BLOG Engine 2.1.4 - SQL Injection
e107 Plugin macgurublogmenu macgurublog.php uid Remote Sql inj author: ZoRLu home: z0rlu.blogspot.com concat: [email protected] date: 28/10/2008 n0te: YALNIZLIK YiTiRDi ANLAMINI YALNIZLIGIMDA : n0te: a.q kpss : dork: allinurl:"macgurublog.php?uid=" exploit:...
e107 Plugin BLOG Engine 2.1.4 - SQL Injection
e107 Plugin BLOG Engine 2.1.4 - SQL Injection e107 Plugin macgurublogmenu macgurublog.php uid Remote Sql inj author: ZoRLu home: z0rlu.blogspot.com concat: [email protected] date: 28/10/2008 n0te: YALNIZLIK YiTiRDi ANLAMINI YALNIZLIGIMDA : n0te: a.q kpss : dork: allinurl:"macgurublog.php?uid="...
e107be-sql.txt
!/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my lovely friends hadiaryaie2004 &...
e107 Plugin BLOG Engine 2.2 (uid) SQL Injection Exploit
No description provided by source. !/usr/bin/perl e107 Plugin BLOG Engine v2.2 SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my love...