10 matches found
PT-2026-33780
A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zb users/plugin/AppCentre/app upload.php of the component ZBA File Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit is publicly available...
My-Blog-layui 代码注入漏洞
My-Blog-layui is a blog system by ZHENFENG13 individual developer. A code injection vulnerability exists in My-Blog-layui version 1.0, which originates from a cross-site scripting issue in the file /admin/v1/link/edit...
CVE-2018-7737
In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by adminfooter.php or adminfooter.php. NOTE: the software maintainer disputes that this is a vulnerability...
Simple PHP Blog Cross-Site Scripting Vulnerability
Simple PHP Blog is an open source free single-user Blog program written in PHP. A cross-site scripting vulnerability exists in the q parameter of the search.php page in Simple PHP Blog version 0.4.0 due to the program failing to adequately filter user-submitted input. An attacker can exploit this...
Bloo 1.00 - Multiple SQL Injections
Bloo 1.00 - Multiple SQL Injections --==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==--...
Bloo 1.00 - Multiple SQL Injections
--==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==-- Author: MhZ91 Title: Bloo - Object...
Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. --==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==--...
Simple PHP Blog Multiple Vulnerabilities
Secure Network - Security Research Advisory Vuln name: Simple PHP Blog Multiple Vulnerabilities Systems affected: simplePHPBlog 0.5.0.1, simplePHPBlog 0.4.8 and all previous versions Systems not affected: - Severity: Medium Local/Remote: Remote Vendor URL: http://www.simplephpblog.com/ Authors:...
Blog System v1.2 SQL inj. vuln.
Blog System v1.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/blog-system-v12-sql-inj-vuln.html vendor:http://www.netartmedia.net/blogsystem/ affected version:v1.2 and prior Product Description: Blog System allows you to launch and...
bBlog <= 0.7.4 Multiple Vulnerabilities (SQLi, XSS)
The remote host is running bBlog, an open source blog software application. According to its banner, the remote version of this software suffers from several vulnerabilities: - A SQL Injection Vulnerability It is reportedly possible to inject SQL statements through the 'postid' parameter of the...