76 matches found
EUVD-2008-6047
Malware in sbrugna...
EUVD-2006-3814
Malware in sbrugna...
EUVD-2008-0152
Malware in sbrugna...
EUVD-2006-1118
Malware in sbrugna...
EUVD-2006-3826
Malware in sbrugna...
EUVD-2006-1117
Malware in sbrugna...
LoudBlog 0.41 index.php template Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit
No description provided by source. ?php ---loudblog04inclxpl.php 8.15 20/01/2006 LoudBlog 0.4 remote commands execution coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: The general that hearkens to my counsel and acts upon i...
LoudBlog <= 0.6.1 (parsedpage) Remote Code Execution Vulnerability
No description provided by source. ---- Loudblog Remote Code Execution ... ITDefence.ru Antichat.ru Loudblog = 0.6.1 Remote Code Execution Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / // /...
LoudBlog 0.41 podcast.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth)
No description provided by source. !/usr/bin/perl This Exploit requires a valid user name and password of an account regardless of the permissions Author: Xianur0 Affected: All Versions Bug: SQL Injection Doorks: allintext: powered by LoudBlog use HTTP::Request::Common qwPOST; use LWP::UserAgent;...
LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo LoudBlog = 0.5 'id' SQL injection / admin credentials disclosure\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo a dork: \Powered by LoudBlog\r\n\r\n; / works regardless of...
LoudBlog 0.41 backend_settings.php language Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
Multiple Vulnerabilities in LoudBlog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LoudBlog which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in LoudBlog The vulnerability exists due to input sanitation error in the "id"...
Analysis of PHP programs in the directory traversal vulnerability-vulnerability warning-the black bar safety net
| The depths of winter and the eve of Directory traversalvulnerabilityboth at home and abroad have many different names,for example, can also be called information leakagevulnerability,non-authorized files contains avulnerability. The name though,but they have a common Genesis,is in the program n...
CVE-2008-6077
SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action...
Sql injection
SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action...
CVE-2008-6077
SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action...
CVE-2008-6077
This CVE (CVE-2008-6077) affects LoudBlog versions up to 0.8.0a, where the vulnerability is in loudblog/ajax.php. The underlying issue is an SQL injection in the singleread action, exploitable via the colpick parameter, allowing remote authenticated users to execute arbitrary SQL commands. The pr...
LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth)
No description provided by source. !/usr/bin/perl This Exploit requires a valid user name and password of an account regardless of the permissions Author: Xianur0 Affected: All Versions Bug: SQL Injection Doorks: allintext: "powered by LoudBlog" use HTTP::Request::Common qwPOST; use LWP::UserAgen...