EUVD-2009-1050

Malware in sbrugna...

Bloginator 1a - SQL Command Injection via Cookie Bypass Exploit

No description provided by source. Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotatautisticidotorg / osirysatautisticidotorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...

CVE-2009-1049

SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...

Authentication flaw

Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by setting the identifyYourself cookie...

CVE-2009-1050

Bloginator 1A allows remote attackers to bypass authentication and gain administrative access by setting the identifyYourself cookie...

Sql injection

SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2009-1049

SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2009-1050

Bloginator 1A is affected by two issues observed in the provided documents. First, remote attackers can bypass authentication by manipulating the identifyYourself cookie, gaining administrative access. This is caused by improper validation of the authentication cookie in the login flow (articleCa...

CVE-2009-1049

CVE-2009-1049 affects Bloginator 1A, specifically the articleCall.php module. The connected Seebug entry documents a SQL injection vulnerability via the id parameter in articleCall.php, where input is interpolated into a query without proper sanitization, enabling remote attackers to execute arbi...