16 matches found
EUVD-2008-2666
Malware in sbrugna...
DCFM Blog 0.9.7 Cross Site Scripting Vulnerability
DCFM Blog version 0.9.7 suffers from a cross site scripting vulnerability. DCFM Blog 0.9.7 XSS Attack. Description: Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible...
DCFM Blog 0.9.7 Blind SQL Injection
DCFM Blog Version 0.9.7 Blind SQL Injection Vulnerability time based-attack. Discovered by NA, NAattutanota.com. Description: Open-source blog project. Free blog...
DCFM Blog 0.9.7 Cross Site Scripting
DCFM Blog 0.9.7 XSS Attack. Discovered by NA, NAattutanota.com. Description: Open-source blog project. Free blog system for any website. Uses MySQL and PHP 5. Very easily customizable and incredibly flexible...
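DCFM Blog 'comments.php' SQL Injection Vulnerability
BUGTRAQ ID: 29627. DCFM Blog is a PHP-based web application. DCFM Blog does not properly handle user-submitted input; remote attackers can exploit the vulnerability to carry out SQL injection attacks and may obtain sensitive information or manipulate the database. The problem is that the 'comments.php' script does not filter user-submitted web parameters, so a malicious SQL query supplied as parameter data can alter the original SQL logic and obtain sensitive information or manipulate the database. Affected: DCFM Blog 0.9.4. No solution is currently available: http://sourceforge.net/projects/dcfm-blog/ form...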
SQL injection
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2671
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2671
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2671
The CVE-2008-2671 entry describes a SQL injection in DCFM Blog 0.9.4, affecting comments.php where an attacker can modify the id parameter to execute arbitrary SQL commands remotely. Affected software: DCFM Blog 0.9.4 (comments.php). Root cause: unsanitized/unchecked id parameter leading to SQL c...
dcfm-sql.txt
C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title: DCFM Blog 0.9.4 comments Remote...
DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
No description provided by source. C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008 ...
DCFM Blog 0.9.4 - SQL Injection
DCFM Blog 0.9.4 - SQL Injection. C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title:...
[web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title: DCFM Blog 0.9.4 comments Remote SQL...
DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. DCFM Blog 0.9.4 comments Remote SQL Injection Vulnerability. Title: DCFM Blog 0.9.4 comments Remote SQL...
[web-app] DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title: DCFM Blog 0.9.4 comments Remote SQL...
DCFM Blog 0.9.4 - SQL Injection
C. H. R. O. O. T. SECURITY GROUP, http://www.chroot.org. Hacks In Taiwan Conference 2008, http://www.hitcon.org. Title: DCFM Blog 0.9.4 comments Remote...