46 matches found
EUVD-2006-1430
Malware in sbrugna...
EUVD-2008-1868
Malware in sbrugna...
EUVD-2008-1866
Malware in sbrugna...
EUVD-2008-1984
Malware in sbrugna...
EUVD-2006-5070
Malware in sbrugna...
EUVD-2008-1867
Malware in sbrugna...
Pixel Motion 0 admin/index.php Multiple Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful explo...
Pixel Motion 0 index.php date Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17260/info Pixel Motion is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful explo...
Pixel Motion Blog - 'list_article.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...
Blog Pixel Motion Backup Disclosure
======================================================================================== | Title : Blog Pixel Motion = by Pass / Download Backup Vulnerability | Author : indoushka | email : [email protected] | Dork : Ce blog a été mis à disposition par Pixel Motion | Tested on: windows SP2...
Cross site scripting
Cross-site scripting XSS vulnerability in listearticle.php in Blog Pixel Motion aka PixelMotion allows remote attackers to inject arbitrary web script or HTML via the jours parameter...
CVE-2008-1986
Cross-site scripting XSS vulnerability in listearticle.php in Blog Pixel Motion aka PixelMotion allows remote attackers to inject arbitrary web script or HTML via the jours parameter...
CVE-2008-1986
CVE-2008-1986 is a reported XSS vulnerability in Blog Pixel Motion (PixelMotion) affecting the file liste_article.php. The flaw allows remote attackers to inject arbitrary web script or HTML via the jours parameter. The available sources describe the vulnerability and its impact as cross-site scr...
CVE-2008-1986
Cross-site scripting XSS vulnerability in listearticle.php in Blog Pixel Motion aka PixelMotion allows remote attackers to inject arbitrary web script or HTML via the jours parameter...
Pixel Motion Blog - list_article.php Cross-Site Scripting
Pixel Motion Blog - listarticle.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...
Pixel Motion Blog - 'list_article.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28920/info Pixel Motion Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Sql injection
SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
CVE-2008-1867
SQL injection vulnerability in Blog Pixel Motion aka Blog PixelMotion allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php...
Authentication flaw
admin/sauvBase.php in Blog Pixel Motion aka Blog PixelMotion does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information...
CVE-2008-1868
admin/sauvBase.php in Blog Pixel Motion aka Blog PixelMotion does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information...