EUVD-2006-6002

Malware in sbrugna...

EUVD-2008-1320

Malware in sbrugna...

Bloo 1.00 Googlespell_Proxy.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21130/info Bloo is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities

No description provided by source...

bloo-sql.txt

--==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==-- Author: MhZ91 Title: Bloo - Object...

CVE-2008-1313

Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 postid, 2 postcategoryid, 3 postyearmonth, and 4 staticpageid parameters; and unspecified other vectors...

Sql injection

Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 postid, 2 postcategoryid, 3 postyearmonth, and 4 staticpageid parameters; and unspecified other vectors...

CVE-2008-1313

CVE-2008-1313 involves SQL injection vulnerabilities in Bloo 1.00 and earlier, triggered through parameters (post_id, post_category_id, post_year_month, static_page_id) and other vectors in index.php. Remote attackers could execute arbitrary SQL commands. The vulnerability is documented with a CV...

CVE-2008-1313

Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 postid, 2 postcategoryid, 3 postyearmonth, and 4 staticpageid parameters; and unspecified other vectors...

Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications...

Bloo 1.00 - Multiple SQL Injections

Bloo 1.00 - Multiple SQL Injections --==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==--...

Bloo &lt;= 1.00 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. --==+================================================================================+==-- --==+ Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection +==-- --==+================================================================================+==--...

CVE-2006-6023

PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.ph...

CVE-2006-6019

Cross-site scripting XSS vulnerability in extensions/googiespell/googlespellproxy.php in Bill Roberts Bloo 1.0 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVE-2006-6023

PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.ph...

CVE-2006-6023

Affected software: Bloo 1.0, in phoo.base.php. Vulnerability: PHP remote file inclusion via a URL provided to the descriptorFileList parameter, allowing remote code execution; root cause noted as descriptorFileList being used in a function definition. Impact: remote arbitrary PHP code execution (...

CVE-2006-6019

CVE-2006-6019 affects Bloo 1.0 (extensions/googiespell/googlespell_proxy.php). The vulnerability is a cross-site scripting (XSS) flaw in the lang parameter, caused by insufficient sanitization, allowing remote attackers to inject arbitrary script in the victim’s browser. Documented impact is clie...

PT-2006-6670 · Bloo · Bloo

Name of the Vulnerable Software and Affected Versions: Bloo versions 1.0 Description: A remote file inclusion issue in phoo.base.php allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. This issue is disputed, as $descriptorFileList is used within a...

PT-2006-6666 · Bloo · Bloo

Name of the Vulnerable Software and Affected Versions: Bloo version 1.0 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the lang parameter in the extensions/googiespell/googlespell proxy.php file. Recommendations: For...

bloo100-rfi.txt

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM Bloo =...