14 matches found
EUVD-2005-4542
Malware in sbrugna...
EUVD-2006-0357
Malware in sbrugna...
EUVD-2006-0356
Malware in sbrugna...
Eggblog 2.0 blog.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/16305/info Eggblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...
Eggblog 2.0 topic.php message Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16305/info Eggblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities cou...
Cross site scripting
Cross-site scripting XSS vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php...
Sql injection
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php...
CVE-2006-0349
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php...
CVE-2006-0350
Cross-site scripting XSS vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php...
CVE-2006-0349
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php...
CVE-2006-0350
The CVE-2006-0350 entry concerns an XSS vulnerability in eggblog 2.0. The flaw allows remote attackers to inject arbitrary Web script or HTML via the message field to topic.php. NVD records a base score of 4.3 (MEDIUM) with network attack vector, no confidentiality or availability impact, and par...
CVE-2006-0349
CVE-2006-0349 describes an SQL injection in eggblog 2.0, where the attacker can cause arbitrary SQL execution through the id parameter in blog.php. The vulnerability arises from unsafe handling of user input in a database query, enabling potential data disclosure, modification, or other SQL-based...
CVE-2005-4546
search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability...
CVE-2005-4547
Cross-site scripting XSS vulnerability in home/search.php in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the q parameter, as used by the Keyword and Search fields...