25 matches found
EUVD-2006-0569
Malware in sbrugna...
EUVD-2006-0570
Malware in sbrugna...
EUVD-2005-4049
Malware in sbrugna...
PluggedOut Blog 1.9.x Index.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15746/info PluggedOut Blog is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
PluggedOut Blog 1.51/1.60 Blog_Exec.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10885/info PluggedOut Blog is reported prone to a cross-site scripting vulnerability. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerabl...
PluggedOut Blog 1.9.9 Cross Site Scripting
f0und by: kurdish hackers team group: kurd-team c0ntact: [email protected] site: www.kurdteam.org ================================= ==============script=============== ================================= script: PluggedOut Blog 1.9.9 d0rk:"Powered by PluggedOut Blog 1.9.9i, © Jonathan Beckett, 2006,...
PluggedOut Blog 1.9.9 - 'year' Cross-Site Scripting
source: https://www.securityfocus.com/bid/46962/info PluggedOut Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in...
PluggedOut Blog 1.9.9 - year Cross-Site Scripting
PluggedOut Blog 1.9.9 - year Cross-Site Scripting source: https://www.securityfocus.com/bid/46962/info PluggedOut Blog is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...
CVE-2006-0562
Cross-site scripting XSS vulnerability in problem.php in PluggedOut Blog 1.9.9c allows remote attackers to inject arbitrary web script or HTML via the data parameter...
CVE-2006-0563
SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a commentadd action...
Cross site scripting
Cross-site scripting XSS vulnerability in problem.php in PluggedOut Blog 1.9.9c allows remote attackers to inject arbitrary web script or HTML via the data parameter...
Sql injection
SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a commentadd action...
CVE-2006-0562
The CVE-2006-0562 entry describes a Cross-site Scripting (XSS) vulnerability in PluggedOut Blog 1.9.9c, where an attacker can inject arbitrary web script or HTML through the data parameter of problem.php. The vulnerability enables an attacker to execute script in a user’s browser, with the impact...
CVE-2006-0563
PluggedOut Blog 1.9.9c has a SQL injection vulnerability in exec.php, exploitable via the entryid parameter in the comment_add action. This allows remote attackers to execute arbitrary SQL commands. The vulnerability is rated HIGH (CVSS v2 base score 7.5) by NVD, but the provided documents do not...
CVE-2006-0562
Cross-site scripting XSS vulnerability in problem.php in PluggedOut Blog 1.9.9c allows remote attackers to inject arbitrary web script or HTML via the data parameter...
CVE-2006-0563
SQL injection vulnerability in exec.php in PluggedOut Blog 1.9.9c allows remote attackers to execute arbitrary SQL commands via the entryid parameter in a commentadd action...
PluggedOut-1.9.9c.txt
PluggedOut Blog SQL INJECTION and XSS PluggedOut Blog is an open source script you can run on your web server to give you an online multi-user journal or diary. It can be used equally well for any kind of calendar application.Rather than give you a thousand things you don't really want...
PluggedOut Blog SQL injection and XSS
PluggedOut Blog SQL INJECTION and XSS PluggedOut Blog is an open source script you can run on your web server to give you an online multi-user journal or diary. It can be used equally well for any kind of calendar application.Rather than give you a thousand things you don't really want...
CVE-2005-4054
SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 categoryid, 2 entryid, 3 year, 4 month, and 5 day parameter...
CVE-2005-4054
SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 categoryid, 2 entryid, 3 year, 4 month, and 5 day parameter...