8 matches found
minimal ablog 0.4 (sql/fu/bypass) Multiple Vulnerabilities
No description provided by source. =========================================================================================================== o minimal-ablog 0.4 SQL Injection, File Upload and Admin Bypass Vuln Software : minimal-ablog version 0.4 Vendor : http://www.abweb.co.cc/ Download :...
CVE-2008-6611
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6613
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request...
Design/Logic Flaw
uploader.php in minimal-ablog 0.4 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request...
CVE-2008-6611
SQL injection vulnerability in index.php in Minimal ABlog 0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-6613
CVE-2008-6613 affects minimal-ablog 0.4, where uploader.php fails to properly restrict access. This allows remote attackers to gain administrative privileges via a direct request. The description and linked references confirm the component and impact but do not provide exploit details, affected v...
CVE-2008-6611
CVE-2008-6611 describes a SQL injection in index.php of Minimal ABlog 0.4, exploitable via the id parameter to execute arbitrary SQL commands. The NVD notes a base score of 7.5 (HIGH) with network attack vector and low complexity, no authentication required, affecting confidentiality, integrity, ...