19 matches found
EUVD-2007-1504
Malware in sbrugna...
EUVD-2007-3171
Malware in sbrugna...
Particle Blogger <= 1.2.1 Archives.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Sql injection
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors...
CVE-2007-3179
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors...
CVE-2007-3179
CVE-2007-3179 affects Particle Blogger versions up to 1.2.1. The vulnerability is SQL injection in archives.php, exploitable via the month parameter and other unspecified vectors, allowing remote attackers to execute arbitrary SQL commands. The provided documents do not specify a confirmed exploi...
CVE-2007-3179
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors...
Particle Blogger Archives.PHP SQL注入漏洞
Particle Blogger是一款基于PHP的WEB应用程序。 Particle Blogger不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Archives.PHP'脚本对用户提交的'month'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 Particle Soft Particle Blogger 1.2.1 Particle Soft Particle Blogger 1.2 Particle Soft Particle Blogger 1.1.2 Particle Soft Particl...
Sql injection
SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...
CVE-2007-1510
SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...
CVE-2007-1510
Particle Blogger 1.0.0–1.2.0 victims: SQL injection in post.php via the postid parameter allows remote execution of arbitrary SQL commands. Root cause is improper handling of input in the SQL query, enabling attacker access to/alteration of database data. CVSS details indicate high impact with pa...
CVE-2007-1510
SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter...
Particle Blogger Post.PHP SQL注入漏洞
Particle Blogger是一款基于PHP的WEB应用程序。 Particle Blogger不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'Post.PHP'脚本对用户提交的'postid'参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 Particle Soft Particle Blogger 1.2 Particle Soft Particle Blogger 1.1.2 Particle Soft Particle Blogger 1.1.1 Particle Soft Particl...
Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
No description provided by source. !-- Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit Type : SQL Injection Release Date : 2007-03-16 Product / Vendor : Particle Soft http://blogger.particlesoft.net/ Bug : http://localhost/script/post.php?postid=-SQL Inj- Particle Blogge...
Particle Blogger 1.2.0 - post.php?postid SQL Injection
Particle Blogger 1.2.0 - post.php?postid SQL Injection Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps unique.action=""+document.unique.site.value+"/post.php?postid=-1//UNION//SELECT//null,username,password,null,null,null,null//FROM//pblusers/"; unique.submit...
Particle Blogger 1.2.1 - Archives.php SQL Injection
Particle Blogger 1.2.1 - Archives.php SQL Injection source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
Particle Blogger 1.2.0 - 'post.php?postid' SQL Injection
Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps unique.action=""+document.unique.site.value+"/post.php?postid=-1//UNION//SELECT//null,username,password,null,null,null,null//FROM//pblusers/"; unique.submit; Particle Blogger All Version Post.PHP PostID Remote S...
Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================================== Particle Blogger Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps...
Particle Blogger 1.2.1 - 'Archives.php' SQL Injection
source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...