CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/19476/info miniBloggie is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

7.1AI score

Exploits0

NVD•added 2009/04/07 2:17 p.m.•8 views

CVE-2008-6650

del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified postid parameter, a different vulnerability than CVE-2008-4628...

5CVSS6.6AI score0.04404EPSS

Exploits1References3

Prion•added 2009/04/07 2:17 p.m.•12 views

Design/Logic Flaw

del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified postid parameter, a different vulnerability than CVE-2008-4628...

5CVSS7AI score0.04404EPSS

Exploits1References3Affected Software1

Cvelist•added 2009/04/07 10:0 a.m.•17 views

CVE-2008-6650

del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified postid parameter, a different vulnerability than CVE-2008-4628...

6.6AI score0.04404EPSS

Exploits1References3

CVE•added 2009/04/07 10:0 a.m.•52 views

CVE-2008-6650

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter. This CVE (2008-6650) is documented with public references (e.g., Exploit-DB, X-Force) and is distinct from CVE-2008-4628. No remediation details...

5CVSS6.9AI score0.04404EPSS

Exploits1References3Affected Software1

NVD•added 2008/10/21 1:18 a.m.•15 views

CVE-2008-4628

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...

7.5CVSS8.2AI score0.00421EPSS

Exploits0References5

Prion•added 2008/10/21 1:18 a.m.•17 views

Sql injection

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...

7.5CVSS8.7AI score0.00421EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2008/10/21 1:18 a.m.•2 views

CVE-2008-4628

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...

7.5CVSS6.4AI score0.00421EPSS

Exploits0References6

Cvelist•added 2008/10/21 12:0 a.m.•22 views

CVE-2008-4628

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...

8.2AI score0.00421EPSS

Exploits0References5

CVE•added 2008/10/21 12:0 a.m.•46 views

CVE-2008-4628

CVE-2008-4628 describes an SQL injection in del.php of the MyWebland miniBloggie 1.0, exploitable via the post_id parameter. The affected software is explicitly stated as myWebland miniBloggie 1.0 and the vulnerable component is del.php. The underlying issue is a SQL injection vulnerability that ...

7.5CVSS8.3AI score0.00421EPSS

Exploits0References5Affected Software1

seebug.org•added 2008/10/19 12:0 a.m.•11 views

miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/php ?php errorreporting0; / miniBloggie 1.0 del.php Remote Blind SQL Injection Exploit ------------------------------------------------------------ Author - StAkeR aka athos - StAkeRathotmaildotit Date - 18/10/2008 Get -...

7.1AI score

Exploits0

0day.today•added 2008/10/18 12:0 a.m.•22 views

miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ miniBloggie 1.0 del.php Remote Blind SQL Injection Exploit ============================================================ !/usr/bin/php StAkeR aka athos Date - 18/10/2008...

7.1AI score

Exploits0

Exploit DB•added 2008/10/18 12:0 a.m.•33 views

miniBloggie 1.0 - 'del.php' Blind SQL Injection

!/usr/bin/php StAkeR aka athos - StAkeRathotmaildotit Date - 18/10/2008 Get - http://www.mywebland.com/dl.php?id=2 ------------------------------------------------------------ File del.php 25. if isset$GET'postid' $postid = $GET'postid'; 26. if isset$GET'confirm' $confirm = $GET'confirm'; 27. 28...

7AI score

Exploits0

Packet Storm•added 2008/10/18 12:0 a.m.•15 views

minibloggie-sql.txt

7.4AI score

Exploits0

Packet Storm•added 2008/05/09 12:0 a.m.•24 views

minibloggie-delete.txt

MiniBloggie Arbitrary Delete Post Vulnerability Author: Cod3rZ Site: http://cod3rz.helloweb.eu PoC: if isset$GET'postid' $postid = $GET'postid'; if isset$GET'confirm' $confirm = $GET'confirm'; ... elseif $confirm=="yes" ... $sql = "DELETE FROM blogdata WHERE postid=$postid"; $query = mysqlquery$s...

7.4AI score

Exploits0

seebug.org•added 2008/05/08 12:0 a.m.•20 views

miniBloggie 1.0 (del.php) Arbitrary Delete Post Vulnerability

No description provided by source. MiniBloggie Arbitrary Delete Post Vulnerability Author: Cod3rZ Site: http://cod3rz.helloweb.eu PoC: if isset$GET'postid' $postid = $GET'postid'; if isset$GET'confirm' $confirm = $GET'confirm'; ... elseif $confirm=="yes" ... $sql = "DELETE FROM blogdata WHERE...

7.1AI score

Exploits0

Exploit DB•added 2008/05/08 12:0 a.m.•42 views

miniBloggie 1.0 - 'del.php' Arbitrary Delete Post

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by