Lucene search
K

6 matches found

Prion
Prion
added 2008/07/09 12:41 a.m.14 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899...

5.1CVSS8.1AI score0.00919EPSS
Exploits7References2Affected Software1
CVE
CVE
added 2008/07/09 12:0 a.m.51 views

CVE-2008-3080

MyBloggie 2.1.6 (myWebland) is affected by two related issues. First, CVE-2008-3080 describes a CSRF vulnerability in admin.php that allows remote attackers to perform edit actions as administrators; this may enable combined or chained actions. Second, CVE-2007-1899 (and related records) document...

5.1CVSS7.6AI score0.00413EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2008/07/09 12:0 a.m.50 views

CVE-2007-1899

CVE-2007-1899 affects myWebland myBloggie 2.1.6. It describes multiple SQL injection vulnerabilities: remote attackers can exploit user_id in viewuser (index.php) and post_id in edit (admin.php) to run arbitrary SQL commands; also note that authenticated administrators can abuse the post_id path....

5.1CVSS8AI score0.00919EPSS
Exploits6References4Affected Software1
Packet Storm
Packet Storm
added 2008/07/01 12:0 a.m.37 views

mybloggie-sql.txt

netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date. Built using PHP & mySQL, web most...

5.1CVSS6.5AI score0.00919EPSS
Exploits6
exploitpack
exploitpack
added 2008/06/30 12:0 a.m.25 views

MyBloggie 2.1.6 - Multiple SQL Injections

MyBloggie 2.1.6 - Multiple SQL Injections netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available t...

5.1CVSS0.4AI score0.00919EPSS
Exploits6
Exploit DB
Exploit DB
added 2008/06/30 12:0 a.m.59 views

MyBloggie 2.1.6 - Multiple SQL Injections

netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date. Built using PHP & mySQL, web most...

5.1CVSS6.5AI score0.00919EPSS
Exploits6
Rows per page
Query Builder