13 matches found
Sql injection
Multiple SQL injection vulnerabilities in JBlog 1.0 allow 1 remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php...
CVE-2007-4919
Multiple SQL injection vulnerabilities in JBlog 1.0 allow 1 remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php...
CVE-2007-4919
Multiple SQL injection vulnerabilities in JBlog 1.0 allow 1 remote attackers to execute arbitrary SQL commands via the id parameter to index.php, and allow 2 remote authenticated administrators to execute arbitrary SQL commands via the id parameter to admin/modifpost.php...
CVE-2007-4919
CVE-2007-4919 involves multiple SQL injection vulnerabilities in JBlog 1.0. The affected components are the index.php id parameter (remote unauthenticated SQL commands) and the admin/modifpost.php id parameter (remote authenticated administrators can also inject SQL). The root cause is improper i...
JBlog 1.0 (index.php id) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ===================================================== JBlog 1.0 index.php id Remote SQL Injection Exploit ===================================================== Script....................................: JBlog ver 1.0 Script...
JBlog 1.0 (index.php id) Remote SQL Injection Exploit
No description provided by source. Script....................................: JBlog ver 1.0 Script Site...........................: http://www.jmuller.net/jblog/index.php Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote...
JBlog 1.0 - index.php?id SQL Injection
JBlog 1.0 - index.php?id SQL Injection Script....................................: JBlog ver 1.0 Script Site...........................: http://www.jmuller.net/jblog/index.php Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote...
JBlog 1.0 - 'index.php?id' SQL Injection
Script....................................: JBlog ver 1.0 Script Site...........................: http://www.jmuller.net/jblog/index.php Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote level.........................................
CVE-2007-3974
admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters...
CVE-2007-3973
CVE-2007-3973 affects JBlog 1.0 and involves multiple cross-site scripting (XSS) vulnerabilities. Remote attackers can inject arbitrary web script or HTML through (1) the id parameter to index.php, or (2) the search parameter, or (3) the theme cookie to recherche.php. The root cause is input hand...
JBlog 1.0 Creat Admin exploit, xss, Cookie Manipulation
!-- Script...............: JBlog version: 1.0 Script Site..........: http://www.jmuller.net/jblog Vulnerability........: Creat Admin exploit, xss, Cookie Manipulation Access...............: Remote level................: Dangerous Author...............: S4mi Contact..............:...
JBlog 1.0 Create / Delete Admin Authentication Bypass Exploit
No description provided by source. !-- Script...............: JBlog version: 1.0 Script Site..........: http://www.jmuller.net/jblog Vulnerability........: Creat Admin exploit, xss, Cookie Manipulation Access...............: Remote level................: Dangerous Author...............: S4mi &nbs...
JBlog 1.0 - Create / Delete Admin Authentication Bypass
xss Here&pcomm=com cookies Manipulation: -------------------- The POST variable 'search' in /jblog/recherche.php also The Cookie variable 'theme' is affected and can be set to : also we can do this : ' or : ' This is a small exemple of Inject Cookie Xploit Cookie Manipulation ----------------...