geoBlog MOD_1.0 deletecomment.php id Variable Remote Arbitrary Comment Deletion

No description provided by source. source: http://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs...

GeoBlog viewcat.php cat Parameter SQL Injection - Ver2 (CVE-2006-0249)

An SQL injection vulnerability has been reported in BitDamaged geoBlog MOD1.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

GeoBlog MOD_1.0 - deletecomment.php?id Arbitrary Comment Deletion

GeoBlog MOD1.0 - deletecomment.php?id Arbitrary Comment Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploi...

GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion

source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs and comments regardless of the...

GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion

source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs and comments regardless of the...

GeoBlog MOD_1.0 - deleteblog.php?id Arbitrary Blog Deletion

GeoBlog MOD1.0 - deleteblog.php?id Arbitrary Blog Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit thes...

geoBlog-MOD_1.0.txt

New eVuln Advisory: geoBlog SQL Injection Vulnerability http://evuln.com/vulns/33/summary/bt/ --------------------Summary---------------- Software: geoBlog Sowtware's Web Site: http://sourceforge.net/projects/bitdamaged/ Versions: MOD1.0 Critical Level: Dangerous Type: SQL Injection Class: Remote...

CVE-2006-0249

CVE-2006-0249 is a concrete SQL injection vulnerability in BitDamaged geoBlog MOD_1.0, specifically affecting viewcat.php via the cat parameter ($tmpCategory). The connected sources confirm that remote attackers can trigger arbitrary SQL commands, with the described impact of credential theft and...

CVE-2006-0249

SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter $tmpCategory variable...