SQL Injection Vulnerability in Axublog Version 1.1.0

Axublog is a PHP personal blog system. A SQL injection vulnerability exists in Axublog version 1.1.0. An attacker can exploit the vulnerability to obtain sensitive database information...

emlog personal blog system background there is privilege elevation vulnerability

Impact version emlog = 5.1.2 Prerequisites: need to log in the background Exploit Log in the background after a visit to admin/? action=phpinfo page, get website physical path In the database backup page to back up the database, export to a local computer, and then edit the exported . sql format ...

PJBlog个人博客系统cls_logAction.asp文件存在注入漏洞

PJBlog一套开源免费的中文个人博客系统程序，采用asp+Access的技术，具有相当高的运作效能以及更新率，也支持目前Blog所使用的新技术。 在文件class/clslogAction.asp中： oldcate=request.form"oldcate" //第429行 oldctype=request.form"oldtype" D = conn.execute"select catePart from blogCategory where cateID="&oldcate0 程序没有对变量oldcate做任何过滤放入sql查询语句中，导致注入漏洞的产生。 PJBlog...