EUVD-2009-1479

Malware in sbrugna...

PJBlog3 V3. 2. 8. 3 5 2 file Action. asp to modify any user password 0day-vulnerability warning-the black bar safety net

PJBlog a set of open source free Chinese personal blog system program, using asp+Access technology, has a relatively high operating performance and Update rate, but also support the current Blog the use of new technologies In the file Action. asp: ElseIf Request. QueryString“action” =...

PJBlog3 V3.2.8.352 Action.asp 任意修改用户问题和答案漏洞

PJBlog一套开源免费的中文个人博客系统程序，采用asp+Access的技术，具有相当高的运作效能以及更新率，也支持目前Blog所使用的新技术。 文件Action.aspp中： ElseIf Request.QueryString"action" = "UpdatePass" Then //第283行 If ChkPost Then Dim uID, uq, ua uID = CheckStrUnEscapeRequest.QueryString"id" uq = CheckStrUnEscapeRequest.QueryString"q" ua =...

PJBlog3 V3. 2. 8. 3 5 2 file Action. asp to modify any user password bug and fix-vulnerability warning-the black bar safety net

Affected version: PJBlog3 V3. 2. 8. 3 5 2 Vulnerability description: PJBlog a set of open source free Chinese personal blog system program, using asp+Access technology, has a relatively high operating performance and Update rate, but also support the current Blog the use of new technologies In th...

PJBlog3 v3. 1. 6. 2 2 7 vulnerabilities and solutions-vulnerability warning-the black bar safety net

| 1. View the default database blogDB/PBLog3. asp whether exist! 2。 The registration ID 3. the To┼pay offs number 畣 whole 爠 Hwan enemy 瑳∨≒┩congregation┼anvil this in the name of the password just under 4。 In to the user management location find your registration of the user in the this...

Sql injection

SQL injection vulnerability in action.asp in PuterJam's Blog PJBlog3 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are...

CVE-2009-1481

SQL injection vulnerability in action.asp in PuterJam's Blog PJBlog3 3.0.6.170 allows remote attackers to execute arbitrary SQL commands via the cname parameter in a checkAlias action, as exploited in the wild in April 2009. NOTE: the provenance of this information is unknown; the details are...

CVE-2009-1481

The CVE-2009-1481 issue is an SQL injection in PuterJam’s Blog (PJBlog3) 3.0.6.170, specifically in action.asp via the cname parameter in the checkAlias action. This vulnerability could allow remote attackers to execute arbitrary SQL commands and partially compromise data integrity. The informati...

PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection

source: https://www.securityfocus.com/bid/34701/info PJBlog3 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...

PuterJams Blog PJBlog3 3.0.6 - action.asp SQL Injection

PuterJams Blog PJBlog3 3.0.6 - action.asp SQL Injection source: https://www.securityfocus.com/bid/34701/info PJBlog3 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...