20 matches found
EUVD-2008-3871
Malware in sbrugna...
EUVD-2006-6159
Malware in sbrugna...
EUVD-2008-3870
Malware in sbrugna...
CVE-2008-3885
Cross-site request forgery CSRF vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make content modifications. NOTE: some of these details are obtained from third party information...
CVE-2008-3884
Cross-site scripting XSS vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make content modifications. NOTE: some of these details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176...
CVE-2008-3884
Cross-site scripting XSS vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176...
CVE-2008-3885
Blogn (BURO GUN) is affected by a CSRF vulnerability in version 1.9.7 and earlier. The issue allows an attacker to hijack the authentication of a logged-in user to perform content-modification requests when the user visits a malicious page. The impact is that contents created by Blogn may be edit...
CVE-2008-3885
Cross-site request forgery CSRF vulnerability in Blogn BURO GUN 1.9.7 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make content modifications. NOTE: some of these details are obtained from third party information...
CVE-2008-3884
Blogn (BURO GUN) has multiple XSS-related CVEs described across sources. CVE-2006-6176 targets admin.php in Blogn before 1.9.4, allowing remote injection of arbitrary script/HTML via unspecified parameters. CVE-2008-3884 affects Blogn v1.9.7 and earlier, with XSS via unspecified vectors and notes...
Blogn vulnerable to cross-site scripting
Overview Blogn from R-ONE Computer contains a cross-site scripting vulnerability. Blogn from R-ONE Computer is software for creating blogs. Blogn contains a cross-site scripting vulnerability. Masako Ohno of NetAgent Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
Blogn vulnerable to cross-site request forgery
Overview Blogn from R-ONE Computer contains a cross-site request forgery vulnerability. Blogn from R-ONE Computer is software for creating blogs. Blogn contains a cross-site request forgery vulnerability. Masako Ohno of NetAgent Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated...
JVN#03859837 Blogn vulnerable to cross-site scripting
Blogn from R-ONE Computer is software for creating blogs. Blogn contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the vendor. Products Affected Blogn v1.9.7 and earl...
JVN#84125369 Blogn vulnerable to cross-site request forgery
Blogn from R-ONE Computer is software for creating blogs. Blogn contains a cross-site request forgery vulnerability. Impact Contents created by Blogn may be editted or modified if the logged in user views a malicious web page. Solution Update the Software Apply the latest update provided by the...
Blogn cross-site scripting vulnerability
Overview Blogn, a script for the creation of blogs from R-ONE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking...
CVE-2006-6176
Cross-site scripting XSS vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
CVE-2006-6176
CVE-2006-6176 describes a Cross-site Scripting (XSS) vulnerability in Blogn’s admin.php in versions before 1.9.4, allowing remote attackers to inject arbitrary script/HTML via unspecified parameters. The NVD entry lists a base score of 6.8 (Medium) with network attack vector and no authentication...
CVE-2006-6176
Cross-site scripting XSS vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...
JVN#21125043 Blogn cross-site scripting vulnerability
Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected Blogn v1.9.3 and earlier...