9 matches found
EUVD-2006-0424
Malware in sbrugna...
Design/Logic Flaw
del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified postid parameter, a different vulnerability than CVE-2008-4628...
CVE-2008-6650
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter. This CVE (2008-6650) is documented with public references (e.g., Exploit-DB, X-Force) and is distinct from CVE-2008-4628. No remediation details...
CVE-2008-4628
CVE-2008-4628 describes an SQL injection in del.php of the MyWebland miniBloggie 1.0, exploitable via the post_id parameter. The affected software is explicitly stated as myWebland miniBloggie 1.0 and the vulnerable component is del.php. The underlying issue is a SQL injection vulnerability that ...
miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/php ?php errorreporting0; / miniBloggie 1.0 del.php Remote Blind SQL Injection Exploit ------------------------------------------------------------ Author - StAkeR aka athos - StAkeRathotmaildotit Date - 18/10/2008 Get -...
miniBloggie 1.0 - 'del.php' Blind SQL Injection
!/usr/bin/php StAkeR aka athos - StAkeRathotmaildotit Date - 18/10/2008 Get - http://www.mywebland.com/dl.php?id=2 ------------------------------------------------------------ File del.php 25. if isset$GET'postid' $postid = $GET'postid'; 26. if isset$GET'confirm' $confirm = $GET'confirm'; 27. 28...
minibloggie-sql.txt
!/usr/bin/php StAkeR aka athos - StAkeRathotmaildotit Date - 18/10/2008 Get - http://www.mywebland.com/dl.php?id=2 ------------------------------------------------------------ File del.php 25. if isset$GET'postid' $postid = $GET'postid'; 26. if isset$GET'confirm' $confirm = $GET'confirm'; 27. 28...
miniBloggie 1.0 (del.php) Arbitrary Delete Post Vulnerability
Exploit for unknown platform in category web applications ============================================================= miniBloggie 1.0 del.php Arbitrary Delete Post Vulnerability ============================================================= MiniBloggie Arbitrary Delete Post Vulnerability Author:...
CVE-2006-4163
The CVE-2006-4163 entry concerns myWebland miniBloggie (versions 1.0 and earlier). The connected PT-2006-4995 and CVE/NVD records confirm a PHP remote file inclusion in cls_fast_template.php via the fname parameter, which could allow remote attackers to execute arbitrary PHP code. Some analyses n...