15 matches found
EUVD-2006-1899
Malware in sbrugna...
EUVD-2007-4354
Malware in sbrugna...
EUVD-2006-6975
Malware in sbrugna...
Unrestricted file upload
Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/...
CVE-2007-4371
Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/...
CVE-2007-4371
CVE-2007-4371 : Unrestricted file upload vulnerability in Neuron Blog 1.1, fixed in admin/pages/blog-add.php, allows remote attackers to upload and execute arbitrary PHP files in the uploads/ directory. The issue arises from insufficient validation when handling uploads, enabling an attacker to p...
Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability
Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability ------------------------------------------------------------------------ Script : Neuron Blog Version : 1.1 Site : http://dev.localhost.be/?q=detail-script&id=11 Founder : Rizgar Contact : [email protected] and...
CVE-2006-6993
Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neuron Blog 1.1 allow remote attackers to inject arbitrary SQL commands via the 1 commentname, 2 commentmail, 3 commentwebsite, and 4 comment parameters. NOTE: the provenance of this information is unknown; the details are obtaine...
CVE-2006-6993
Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neuron Blog 1.1 allow remote attackers to inject arbitrary SQL commands via the 1 commentname, 2 commentmail, 3 commentwebsite, and 4 comment parameters. NOTE: the provenance of this information is unknown; the details are obtaine...
CVE-2006-6993
CVE-2006-6993 concerns multiple SQL injection flaws in Neuron Blog 1.1, specifically in pages/addcomment2.php. The vulnerabilities allow remote attackers to inject arbitrary SQL via the (1) commentname, (2) commentmail, (3) commentwebsite, or (4) comment parameters, leading to potential data inte...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 website parameters...
CVE-2006-1899
Multiple cross-site scripting XSS vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 website parameters...
CVE-2006-1899
Multiple cross-site scripting XSS vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 name and 2 website parameters...
CVE-2006-1899
CVE-2006-1899 affects dev Neuron Blog 1.1 and earlier, with multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters. The issue stems from insufficient input sanitization in these fields, ena...
Neuron Blog <= 1.1 XSS
==================== Discovered by: Qex Date: 17 April 2006 ==================== Add comment :- name: XSS e-mail: website: XSS...