11 matches found
EUVD-2008-2450
Malware in sbrugna...
EUVD-2008-6408
Malware in sbrugna...
E107 BLOG Engine Plugin Remote SQL Injection (CVE-2008-6438)
An SQL injection vulnerability has been reported in E107coders Macguru Blog Engine Plugin. An attacker could exploit this vulnerability via the uid parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Sql injection
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
SQL injection vulnerability in macgurublogmenu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is also affected...
CVE-2008-6438
The provided data confirms a concrete SQL injection vulnerability in the MacGuru BLOG Engine plugin for e107 (MacGuru Blog Engine). Affected component: macgurublog_menu/macgurublog.php (v2.2, with note that 2.1.4 is also affected) and, per related entries, comment.php. Root cause: unsanitized inp...
Sql injection
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter...
CVE-2008-2455
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter...
CVE-2008-2455
CVE-2008-2455: SQL injection in MacGuru BLOG Engine plugin 2.2 for e107, in comment.php via the rid parameter, allowing remote SQL execution. Affected: MacGuru BLOG Engine plugin 2.2 on e107. Base CVSS 7.5 (HIGH) with network attack, low complexity, no authentication. No remediation details provi...
CVE-2008-2455
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter...