22 matches found
EUVD-2009-1051
Malware in sbrugna...
EUVD-2009-1050
Malware in sbrugna...
bloginator 1a - (cookie bypass/sql) Multiple Vulnerabilities
No description provided by source. Author = FireShot , Jacopo Vuga. Mail = fireshotatautisticidotorg Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to = Osirys, Myral, str0ke Vulnerability = Insicure Cookie Handling CODE URL...
Bloginator 1a - SQL Command Injection via Cookie Bypass Exploit
No description provided by source. Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotatautisticidotorg / osirysatautisticidotorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...
Bloginator不安全Cookie和SQL注入漏洞
BUGTRAQ ID: 34187 CVECAN ID: CVE-2009-1050,CVE-2009-1049 Bloginator是一套PHP脚本,允许用户在网站上显示、添加、编辑和删除文章。 Bloginator没有正确地验证认证cookie,远程攻击者可以通过修改identifyYourself cookie参数绕过安全限制获得非授权访问。以下是有漏洞的代码段: URL www.site.com/bloginator/articleCall.php global $name,$password,$returnLink; $pname =...
CVE-2009-1049
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...
Authentication flaw
Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by setting the identifyYourself cookie...
CVE-2009-1050
Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by setting the identifyYourself cookie...
Sql injection
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-1049
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-1050
Bloginator 1A is affected by two issues observed in the provided documents. First, remote attackers can bypass authentication by manipulating the identifyYourself cookie, gaining administrative access. This is caused by improper validation of the authentication cookie in the login flow (articleCa...
CVE-2009-1049
CVE-2009-1049 affects Bloginator 1A, specifically the articleCall.php module. The connected Seebug entry documents a SQL injection vulnerability via the id parameter in articleCall.php, where input is interpolated into a query without proper sanitization, enabling remote attackers to execute arbi...
Bloginator 1a SQL Command Injection
Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotautisticiorg / osirysautisticiorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to ...
Bloginator v1a (Cookie Bypass/SQL) Multiple Remote Vulnerabilities
No description provided by source. Author = FireShot , Jacopo Vuga. Mail = fireshotatautisticidotorg Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to = Osirys, Myral, str0ke Vulnerability = Insicure Cookie Handling CODE URL...
Bloginator v1a SQL Command Injection via Cookie Bypass Exploit
No description provided by source. Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotatautisticidotorg / osirysatautisticidotorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...
Bloginator 1a SQL Injection
Author = FireShot , Jacopo Vuga. Mail = fireshotautisticiorg Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to = Osirys, Myral, str0ke Vulnerability = Insicure Cookie Handling CODE URL www.site.com/bloginator/articleCall.php global...
Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass )
Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotautisticiorg / osirysautisticiorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to ...
Bloginator 1a - SQL Injection Command Injection (via Cookie Bypass )
Bloginator 1a - SQL Injection Command Injection via Cookie Bypass Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotautisticiorg / osirysautisticiorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...
Bloginator v1a SQL Command Injection via Cookie Bypass Exploit
Exploit for unknown platform in category web applications ============================================================== Bloginator v1a SQL Command Injection via Cookie Bypass Exploit ============================================================== Author = FireShot , Jacopo Vuga. Thx to = Osirys f...
Bloginator 1a - Cookie Bypass / SQL Injection
Author = FireShot , Jacopo Vuga. Mail = fireshotautisticiorg Software = Bloginator V1A Download = http://kamads.com/kamadsads/download.php?email=bloginator&ID=0 Greets to = Osirys, Myral, str0ke Vulnerability = Insicure Cookie Handling CODE URL www.site.com/bloginator/articleCall.php global...