29 matches found
EUVD-2008-2642
Malware in sbrugna...
EUVD-2008-2643
Malware in sbrugna...
EUVD-2007-6058
Malware in sbrugna...
mebiblio 0.4.7 (sql/upload/xss) Multiple Vulnerabilities
No description provided by source. ======================================================================================== meBiblio 0.4.7 Remote SQL Injection/ Arbitrary File Upload Exploit / XSS Vulnerability ======================================================================================...
Unrestricted file upload
Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the files/ directory...
CVE-2008-2647
SQL injection vulnerability in admin/journalchangemask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter...
Sql injection
SQL injection vulnerability in admin/journalchangemask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter...
CVE-2008-2648
Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the files/ directory...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in meBiblio 0.4.7 allow remote attackers to inject arbitrary web script or HTML via the 1 sql parameter to dbadd.inc.php, 2 InsertJournal parameter to addjournalmask.inc.php, 3 InsertBibliography parameter to insertmask.inc.php, and 4 LabelYear...
CVE-2008-2647
SQL injection vulnerability in admin/journalchangemask.inc.php in meBiblio 0.4.7 allows remote attackers to execute arbitrary SQL commands via the JID parameter...
CVE-2008-2648
The connected data confirms CVE-2008-2648 is an unrestricted file upload vulnerability affecting meBiblio 0.4.7 . The flaw resides in the upload/uploader.html component, enabling an attacker to upload a .php file and access it under the files/ directory to execute arbitrary code remotely. The ava...
CVE-2008-2648
Unrestricted file upload vulnerability in upload/uploader.html in meBiblio 0.4.7 allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the files/ directory...
CVE-2008-2646
CVE-2008-2646 affects meBiblio 0.4.7 and involves multiple cross-site scripting (XSS) vulnerabilities. The issue arises in the application when handling user-supplied input passed to specific parameters: (1) sql parameter to dbadd.inc.php, (2) InsertJournal parameter to add_journal_mask.inc.php, ...
CVE-2008-2647
CVE-2008-2647 affects meBiblio 0.4.7 via SQL injection in admin/journal_change_mask.inc.php, allowing remote attackers to execute arbitrary SQL commands through the JID parameter. Reported in multiple sources (NVD/NVD-like entries) with CVSSv2 base score 7.5 (HIGH). The excerpts confirm the vulne...
mebiblio-sqlxssupload.txt
======================================================================================== meBiblio 0.4.7 Remote SQL Injection/ Arbitrary File Upload Exploit / XSS Vulnerability ========================================================================================...
meBiblio 0.4.7 (SQL/Upload/XSS) Multiple Remote Vulnerabilities
No description provided by source. ======================================================================================== meBiblio 0.4.7 Remote SQL Injection/ Arbitrary File Upload Exploit / XSS Vulnerability ======================================================================================...
meBiblio 0.4.7 (SQL/Upload/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications =============================================================== meBiblio 0.4.7 SQL/Upload/XSS Multiple Remote Vulnerabilities ===============================================================...
mebiblio 0.4.7 - SQL Injection Arbitrary File Upload Cross-Site Scripting
mebiblio 0.4.7 - SQL Injection Arbitrary File Upload Cross-Site Scripting ======================================================================================== meBiblio 0.4.7 Remote SQL Injection/ Arbitrary File Upload Exploit / XSS Vulnerability...
mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting
======================================================================================== meBiblio 0.4.7 Remote SQL Injection/ Arbitrary File Upload Exploit / XSS Vulnerability ========================================================================================...
meBiblio-rfi.txt
meBiblio 0.4.5 RFI --------------------- Author : ShAy6oOoN --------------------- Group : PitBull Crew --------------------- Script : meBiblio 0.4.5 --------------------- Download : http://downloads.sourceforge.net/mebiblio/meBiblio-0.4.5.tar.gz?modtime=1195237984&bigmirror=0 --------------------...