26 matches found
EUVD-2008-0456
Malware in sbrugna...
EUVD-2008-0339
Malware in sbrugna...
lulieblog 1.2 - Multiple Vulnerabilities
No description provided by source. LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a reques...
lulieblog-multi.txt
LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a request to site/Admin/articlemodif2.php...
LulieBlog 1.2 Multiple Remote Vulnerabilities
No description provided by source. LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a reques...
Lulieblog 1.2 - Multiple Vulnerabilities
LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a request to site/Admin/articlemodif2.php...
Lulieblog 1.2 - Multiple Vulnerabilities
Lulieblog 1.2 - Multiple Vulnerabilities LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection Author: Cod3rZ Site: http://cod3rz.helloweb.eu Site: http://devilsnight.altervista.org Date: 06/05/2008 dd/mm/yyyy Admin Auth Bypass: Modify Articles: send a...
LulieBlog 1.2 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ============================================= LulieBlog 1.2 Multiple Remote Vulnerabilities ============================================= LulieBlog 1.2 Multiple Remote Vulnerabilities Admin Auth Bypass, Upload File, Blind SQL Injection...
Sql injection
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter...
LulieBlog 'voircom.php' SQL注入漏洞
LulieBlog是一款基于PHP的WEB应用程序。 LulieBlog不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'voircom.php'脚本对用户提交的'id'参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Julien Plesniak LulieBlog 1.0.2 目前没有详细解决方案提供: http://www.comscripts.com/scripts/php.lulieblog.2138.html...
CVE-2008-0446
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-0446
CVE-2008-0446 affects LulieBlog 1.02: SQL injection in voircom.php via the id parameter allows remote attackers to execute arbitrary SQL commands. Affected component is voircom.php; root cause is improper handling of the id parameter leading to injection. Impact per CVSS: high (partial confidenti...
CVE-2008-0446
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote attackers to execute arbitrary SQL commands via the id parameter...
LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== LulieBlog 1.02 voircom.php id Remote SQL Injection Vulnerability ================================================================== LulieBlog Version 1.02 Remote Sql...
LulieBlog 1.02 - SQL Injection
LulieBlog Version 1.02 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://sourceforge.net/project/platformdownload.php?groupid=204083 Injection Adress : http://Sitename/voircom.php?id=SQL CODE SQL CODE :...
LulieBlog 1.02 - SQL Injection
LulieBlog 1.02 - SQL Injection LulieBlog Version 1.02 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://sourceforge.net/project/platformdownload.php?groupid=204083 Injection Adress : http://Sitename/voircom.php?id=SQL CODE SQL CODE :...
LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability
No description provided by source. LulieBlog Version 1.02 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://sourceforge.net/project/platformdownload.php?groupid=204083 Injection Adress : http://Sitename/voircom.php?id=SQL CODE SQL CODE :...
CVE-2008-0329
LulieBlog 1.0.1 and 1.0.2 does not restrict access to 1 articlesuppr.php, 2 commentaccepter.php, and 3 commentrefuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter...
Code injection
LulieBlog 1.0.1 and 1.0.2 does not restrict access to 1 articlesuppr.php, 2 commentaccepter.php, and 3 commentrefuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter...
CVE-2008-0329
LulieBlog 1.0.1 and 1.0.2 does not restrict access to 1 articlesuppr.php, 2 commentaccepter.php, and 3 commentrefuser.php in Admin/, which allows remote attackers to accept comments, delete comments, and delete articles via the id parameter...