drosophilasuzukii.net Improper Access Control vulnerability OBB-3858028

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ritsblog 0.4.2 (ab/xss) Multiple Vulnerabilities

No description provided by source. Salvatore drosophila Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore drosophila Fresta + Author:...

blogman 0.45 Multiple Vulnerabilities

No description provided by source. Salvatore drosophila Fresta Application: BlogMan http://sourceforge.net/projects/blogman/ Version: 0.45 Bug: Multiple SQL Injection Authentication Bypass Privilege Escalation Exploitation: Remote Date: 1 Mar 2009 Discovered by: Salvatore drosophila Fresta Author...

Joomla! Component Teams - Multiple Blind SQL Injections

Joomla! Component Teams - Multiple Blind SQL Injections Teams 110281008091711 Joomla Component Multiple Blind SQL Injection Vulnerabilities Name Teams Vendor http://www.joomlamo.com Versions Affected 110281008091711 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net...

phpCollegeExchange 0.1.5c SQL Injection

PoC - phpCollegeExchange 0.1.5c SQL Injection - Salvatore Fresta aka Drosophila This code will print the columns number found by the injection. In order to view the content of the fields, you must exchange the number with the field name, adding a FROM tablename at the end of the injection query...

Nullam Blog 0.1.2 LFI / XSS / SQL Injection

-- Salvatore Fresta aka drosophila CWNP444351 Salvatore "drosophila" Fresta + Application: Nullam Blog + Version: 0.1.2 + Website: http://nullam.net/ + Bugs: A Local File Inclusion B File Disclosure C Multiple Blind SQL Injection D SQL Injection E Reflected XSS + Exploitation: Remote + Date: 10 S...

Blink Blog System (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =========================================================== Blink Blog System Auth Bypass SQL Injection Vulnerability =========================================================== Salvatore "drosophila" Fresta + Application: Blink Blog Syste...

EZ-Blog Beta2 (category) Remote SQL Injection Vulnerability

No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ------------------...

EZ-Blog Beta2 - 'category' SQL Injection

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! ---------------------------------------------------------------------------------------------- | SQL INJECTIO...

Tiny Blogr 1.0.0 rc4 Authentication Bypass

Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact:...

Community CMS 0.5 Multiple SQL Injection Vulnerabilities

No description provided by source. Salvatore "drosophila" Fresta + Application: Community CMS + Version: 0.5 + Website: http://sourceforge.net/projects/communitycms/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Dork: intext:"Powered by Community CMS" + Date: 30 Mar 2009 +...

nForum 1.5 - Multiple SQL Injections

Salvatore "drosophila" Fresta + Application: nForum + Version: 1.5 + Website: http://sourceforge.net/projects/nforum/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mai...

phpCommunity 2.1.8 - SQL Injection / Directory Traversal / Cross-Site Scripting

Salvatore "drosophila" Fresta + Application: phpCommunity 2 + Version: 2.1.8 + Website: http://sourceforge.net/projects/phpcommunity2/ + Bugs: A Multiple SQL Injection B Directory Traversal C Reflected XSS + Exploitation: Remote + Date: 07 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta +...

Wili-CMS 0.4.0 (RFI/LFI/AB) Multiple Remote Vulnerabilities

No description provided by source. Salvatore "drosophila" Fresta + Application: Wili-CMS + Version: 0.4.0 + Website: http://wili-cms.sourceforge.net/ + Bugs: A Multiple Remote/Local File Inclusion B Authentication Bypass + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore...

celerbb 0.0.2 - Multiple Vulnerabilities

celerbb 0.0.2 - Multiple Vulnerabilities Salvatore "drosophila" Fresta + Application: CelerBB + Version: 0.0.2 + Website: http://celerbb.sourceforge.net/ + Bugs: A Multiple SQL Injection B Information Disclosure C Authenticaion Bypass + Exploitation: Remote + Date: 05 Mar 2009 + Discovered by:...

celerbb 0.0.2 - Multiple Vulnerabilities

Salvatore "drosophila" Fresta + Application: CelerBB + Version: 0.0.2 + Website: http://celerbb.sourceforge.net/ + Bugs: A Multiple SQL Injection B Information Disclosure C Authenticaion Bypass + Exploitation: Remote + Date: 05 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...

RitsBlog 0.4.2 (Authentication Bypass) SQL Injection Vulnerability / XSS Persistent Vulnerability

Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta +...

WARNING - CORRECT: BlindBlog 1.3.1 Multiple Vulnerabilities (SQL Inj - Auth Bypass - LFI)

Salvatore "drosophila" Fresta + Application: BlindBlog + Version: 1.3.1 + Website: http://sourceforge.net/projects/cbblog/ + Bugs: A SQL Injection B Authentication Bypass C Local File Inclusion + Exploitation: Remote + Date: 03 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...

BlindBlog 1.3.1 LFI / SQL Injection

Salvatore "drosophila" Fresta + Application: BlindBlog + Version: 1.3.1 + Website: http://sourceforge.net/projects/cbblog/ + Bugs: A SQL Injection B Authentication Bypass C Local File Inclusion + Exploitation: Remote + Date: 03 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...

RitsBlog 0.4.2 (AB/XSS) Multiple Remote Vulnerabilities

No description provided by source. Salvatore "drosophila" Fresta + Application: RitsBlog + Version: 0.4.2 + Website: http://sourceforge.net/projects/ritsblog/ + Bugs: A SQL Injection B XSS Persistent + Exploitation: Remote + Date: 02 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Autho...