14 matches found
EUVD-2006-4844
Malware in sbrugna...
clickblog.it XSS vulnerability
Open Bug Bounty ID: OBB-407571 Description| Value ---|--- Affected Website:| clickblog.it Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...
ClickBlog! 2.0 Default.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20033/info ClickBlog! is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Clickblog Displaycalendar.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21310/info Clickblog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
Clickblog Displaycalendar.ASP SQL注入漏洞
Clickblog是一款基于ASP的日记程序。 Clickblog不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行sql注入攻击,获得敏感信息。 问题是由于'Displaycalendar.ASP'脚本对用户提交的'date'参数缺少过滤,提交恶意sql查询作为参数数据,可更改原来的sql逻辑,获得敏感信息。 Clickblog http://www.clicktech.com/products.asp?id=82&Cat=Software&SubCat=ClickBlog&SubCatID=50...
Clickblog - 'Displaycalendar.asp' SQL Injection
source: https://www.securityfocus.com/bid/21310/info Clickblog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...
Clickblog - Displaycalendar.asp SQL Injection
Clickblog - Displaycalendar.asp SQL Injection source: https://www.securityfocus.com/bid/21310/info Clickblog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
CVE-2006-4857
SQL injection vulnerability in default.asp aka the login page in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 formcodeword aka the Password field parameters...
CVE-2006-4857
SQL injection vulnerability in default.asp aka the login page in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the 1 username and 2 formcodeword aka the Password field parameters...
CVE-2006-4857
CVE-2006-4857 is an SQL injection vulnerability in the default.asp login page of ClickTech ClickBlog 2.0. The issue permits remote attackers to execute arbitrary SQL commands via the username and form_codeword parameters. The vulnerability is categorized with a high base score (CVSS v2: 7.5; Netw...
ClickBlog! <= v2.0 (default.asp) Admin ByPASS SQL Injection
ENGLISH Title : ClickBlog! = v2.0 default.asp Admin ByPASS SQL Injection Author : ajann Exploit; //Before join login page http://target/path/default.asp Username : ' or ' Password : ' or ' and Login Ok ajann,Turkey...
clickblog20.txt
ENGLISH Title : ClickBlog! = v2.0 default.asp Admin ByPASS SQL Injection Author : ajann Exploit; //Before join login page http://target/path/default.asp Username : ' or ' Password : ' or ' and Login Ok ajann,Turkey...
ClickBlog! 2.0 - 'default.asp' SQL Injection
source: https://www.securityfocus.com/bid/20033/info ClickBlog! is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, ...
ClickBlog! 2.0 - default.asp SQL Injection
ClickBlog! 2.0 - default.asp SQL Injection source: https://www.securityfocus.com/bid/20033/info ClickBlog! is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromi...