Block WP Login <= 1.3.0 - CSRF and Unauthorised Settings Update

Lack of CSRF and authorisation checks in the bwplconfigureslug function registered as an admininit action could allow attacker via CSRF, or unauthenticated using the admin-ajax.php to change the plugin settings located at /wp-admin/options-permalink.php and disable the protection offered. v1.3.1...

phpfreeBB 1.0 - Remote BLIND SQL Injection Vulnerability

No description provided by source. / | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability Discovered By : Moudi Contact : [email protected]...

CVE-2009-3208

Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to permalink.php and 2 year parameter to index.php...

phpfreeBB 1.0 - Blind SQL Injection

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability Discovered By : Moudi Contact : Download :...

phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability

No description provided by source. / | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability Discovered By : Moudi Contact : [email protected]...

phpfreeBB 1.0 - Blind SQL Injection

phpfreeBB 1.0 - Blind SQL Injection / | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability Discovered By : Moudi Contact : Download :...

CVE-2008-1699

The CVE-2008-1699 entry describes an SQL injection in permalink.php of Desi Quintans Writer’s Block CMS 3.8a. The vulnerability arises from unsafely handling the PostID parameter, allowing remote attackers to execute arbitrary SQL commands. Documents confirm this is a remote, unauthenticated cond...

Sql injection

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the pageoptions parameter to 1 options-general.php, 2 options-writing.php, 3 options-reading.php, 4 options-discussion.php, 5 options-privacy.php, 6...