6 matches found
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899...
CVE-2008-3080
MyBloggie 2.1.6 (myWebland) is affected by two related issues. First, CVE-2008-3080 describes a CSRF vulnerability in admin.php that allows remote attackers to perform edit actions as administrators; this may enable combined or chained actions. Second, CVE-2007-1899 (and related records) document...
CVE-2007-1899
CVE-2007-1899 affects myWebland myBloggie 2.1.6. It describes multiple SQL injection vulnerabilities: remote attackers can exploit user_id in viewuser (index.php) and post_id in edit (admin.php) to run arbitrary SQL commands; also note that authenticated administrators can abuse the post_id path....
mybloggie-sql.txt
netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date. Built using PHP & mySQL, web most...
MyBloggie 2.1.6 - Multiple SQL Injections
MyBloggie 2.1.6 - Multiple SQL Injections netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available t...
MyBloggie 2.1.6 - Multiple SQL Injections
netVigilance Security Advisory 40 myBloggie version 2.1.6 Multiple SQL Injection Vulnerability Description: myBloggie http://mywebland.com/mybloggie/ is considered one of the most simple, user-friendliest yet packed with features Weblog system available to date. Built using PHP & mySQL, web most...