15 matches found
EUVD-2006-2962
Malware in sbrugna...
EUVD-2006-2963
Malware in sbrugna...
Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
No description provided by source. !-- Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit Type : SQL Injection Release Date : 2007-03-16 Product / Vendor : Particle Soft http://blogger.particlesoft.net/ Bug : http://localhost/script/post.php?postid=-SQL Inj- Particle Blogge...
CVE-2007-3065
SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862...
CVE-2007-3065
CVE-2007-3065 describes a SQL injection vulnerability in viewimage.php of Particle Gallery 1.0.1 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via the editcomment parameter (a vector/version different from CVE-2006-2862). Affected software is Particle Ga...
Particle Blogger Archives.PHP SQL注入漏洞
Particle Blogger是一款基于PHP的WEB应用程序。 Particle Blogger不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Archives.PHP'脚本对用户提交的'month'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息。 Particle Soft Particle Blogger 1.2.1 Particle Soft Particle Blogger 1.2 Particle Soft Particle Blogger 1.1.2 Particle Soft Particl...
pb-sql.txt
Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps unique.action=""+document.unique.site.value+"/post.php?postid=-1//UNION//SELECT//null,username,password,null,null,null,null//FROM//pblusers/"; unique.submit; Particle Blogger All Version Post.PHP PostID Remote S...
Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
No description provided by source. !-- Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit Type : SQL Injection Release Date : 2007-03-16 Product / Vendor : Particle Soft http://blogger.particlesoft.net/ Bug : http://localhost/script/post.php?postid=-SQL Inj- Particle Blogge...
Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================================== Particle Blogger Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps...
Particle Blogger 1.2.0 - post.php?postid SQL Injection
Particle Blogger 1.2.0 - post.php?postid SQL Injection Particle Blogger All Version Post.PHP PostID Remote SQL Injection Exploit function ps unique.action=""+document.unique.site.value+"/post.php?postid=-1//UNION//SELECT//null,username,password,null,null,null,null//FROM//pblusers/"; unique.submit...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via 1 the target parameter in index.php and 2 the "input box."...
CVE-2006-2966
Cross-site scripting XSS vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "//" comment sequences, which bypasses the XSS protection scheme...
CVE-2006-2966
Particle Soft Particle Wiki 1.0.2 is documented as having an XSS vulnerability where a BR tag containing an extraneous IMG tag and a STYLE attribute with a "/**/" sequence can bypass the XSS protection scheme, allowing remote attackers to inject arbitrary web script or HTML. The available sources...
CVE-2006-2965
Particle Soft Particle Whois 1.0.3 is affected by multiple XSS flaws where unsanitized input can be injected via (1) the target parameter in index.php and (2) the input box. The root cause is improper handling of user-supplied data leading to script/HTML execution in the victim’s browser. Publicl...
CVE-2006-2965
Multiple cross-site scripting XSS vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via 1 the target parameter in index.php and 2 the "input box."...