EUVD-2006-2974

Malware in sbrugna...

EUVD-2006-0410

Malware in sbrugna...

EUVD-2006-2975

Malware in sbrugna...

moblog.4lfie.com Cross Site Scripting vulnerability OBB-2859431

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

e-moBLOG 1.3 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16344/info The e-moBLOG application is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

Mafia Moblog 6 Big.PHP Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '81940' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-16' createDate = '2015-12-24...

mafiaMoblog.txt

------------------------------------------------------------------------------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll.ir...

CVE-2006-4156

PHP remote file inclusion vulnerability in big.php in pearlabs mafia moblog 6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtotemplate parameter. NOTE: a third party claims that the researcher is incorrect, because template.php defines pathtotemplate befor...

CVE-2006-4156

CVE-2006-4156 affects Pearlabs Mafia Moblog versions 6 and earlier. The vulnerability is a PHP remote code execution via the pathtotemplate parameter used in big.php (and possibly related template handling). A third-party dispute notes that pathtotemplate may be defined before its use, and CVE da...

PT-2006-4988 · Pearlabs · Pearlabs Mafia Moblog

Name of the Vulnerable Software and Affected Versions: pearlabs mafia moblog versions 6 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the pathtotemplate parameter. There is a dispute regarding the validity of this claim, with a third party...

Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability

------------------------------------------------------------------------ ------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------ ------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll....

Mafia Moblog 6 - 'Big.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19458/info Mafia Moblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...

Mafia Moblog 6 - Big.php Remote File Inclusion

Mafia Moblog 6 - Big.php Remote File Inclusion source: https://www.securityfocus.com/bid/19458/info Mafia Moblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...

CVE-2006-2978

Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to 1 big.php and 2 upgrade.php...

CVE-2006-2978

CVE-2006-2978 affects Mafia Moblog 0.6M1 and earlier. The issue allows remote attackers to disclose the installation path via an error message triggered by direct requests to (1) big.php and (2) upgrade.php. No additional exploit details or impact beyond path disclosure are provided in the docume...

CVE-2006-2977

The CVE-2006-2977 entry covers an SQL injection vulnerability in Mafia Moblog 0.6M1 and earlier, where the affected component is big.php. The underlying issue allows remote attackers to craft requests (via the img parameter) that cause the application to execute arbitrary SQL commands. Documents ...

CVE-2006-2977

SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter...

CVE-2006-2978

Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to 1 big.php and 2 upgrade.php...

mafiamoblog.txt

Produce : Mafia Moblog WebSite :http://mafia.pearlabs.org Version : 6 Full and Prior Discovred By :Moroccan Security Research Team Simo64 IMPACT : Manipulation of data, System access + Full Path Disclosure : The problem is that it is possible to disclose the full path to 'big.php','upgrade.php' b...

Mafia Moblog Full Path Disclosure / SQL injection

Produce : Mafia Moblog WebSite :http://mafia.pearlabs.org Version : 6 Full and Prior Discovred By :Moroccan Security Research Team Simo64 IMPACT : Manipulation of data, System access + Full Path Disclosure : The problem is that it is possible to disclose the full path to 'big.php','upgrade.php' b...