4 matches found
Sql injection
Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitrary SQL commands via the 1 i or 2 postid parameter to addcomment.php, which triggers an injection in libraries.inc.php; or 3 the i parameter to listcomments.php, which triggers an injection in...
CVE-2007-0759
CVE-2007-0759 affects EasyMoblog 0.5.1 with multiple SQL injection flaws. The vulnerabilities occur in add_comment.php (parameters i and post_id) and list_comments.php (parameter i), triggering injections in libraries.inc.php. This allows remote attackers to execute arbitrary SQL commands. The re...
[Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1 # 2
·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...
[Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1
·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...