Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1973

Malware in sbrugna...

7.5CVSS6.4AI score0.02175EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-4038

Malware in sbrugna...

4.3CVSS6.4AI score0.01452EPSS
Exploits1References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Bluemoon inc. PopnupBlog 3.30 'index.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30827/info Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit

No description provided by source. html head titleXOOPS Module PopnupBlog = 2.52 postid BLIND SQL Injection Exploit/title script type=text/javascript //'=============================================================================================== //'Script Name: XOOPS Module PopnupBlog = 2.52...

7.1AI score
Exploits0
NVD
NVD
added 2008/09/11 9:6 p.m.14 views

CVE-2008-4053

Multiple cross-site scripting XSS vulnerabilities in index.php in the Bluemoon PopnupBLOG module 3.20 and 3.30 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the 1 param, 2 catid, and 3 view parameters...

4.3CVSS5.8AI score0.01452EPSS
Exploits1References4
Prion
Prion
added 2008/09/11 9:6 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in the Bluemoon PopnupBLOG module 3.20 and 3.30 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the 1 param, 2 catid, and 3 view parameters...

4.3CVSS6.1AI score0.01452EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/09/11 2:0 p.m.39 views

CVE-2008-4053

The CVE-2008-4053 entry describes XSS vulnerabilities in the Bluemoon PopnupBLOG module for XOOPS, specifically in index.php for versions 3.20 and 3.30, where the parameters (param, cat_id, view) can be manipulated to inject arbitrary script/HTML. The underlying issue is cross-site scripting due ...

4.3CVSS5.8AI score0.01452EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2008/08/26 12:0 a.m.157 views

popnupblog-xss.txt

PopnupBlog index.php multiple variables XSS Vendor url:http://www.bluemooninc.biz/ Advisore:http://lostmon.blogspot.com/2008/08/ popnupblog-indexphp-multiple-variables.html Vendor notify:no exploits availables:yes PopnupBlog contains a flaw that allows a remote cross site scripting attack.This fl...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/08/25 12:0 a.m.11 views

Bluemoon inc. PopnupBlog 3.30 - index.php Multiple Cross-Site Scripting Vulnerabilities

Bluemoon inc. PopnupBlog 3.30 - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/30827/info Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker ma...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/08/25 12:0 a.m.290 views

Bluemoon inc. PopnupBlog 3.30 - &#039;index.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/30827/info Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2008/04/30 3:0 p.m.17 views

CVE-2008-2035

Cross-site scripting XSS vulnerability in the Bluemoon, Inc. 1 BackPack 0.91 and earlier, 2 BmSurvey 0.84 and earlier, 3 newbbfileup 1.83 and earlier, 4 Newsembed newsfileup 1.44 and earlier, and 5 PopnupBlog 3.19 and earlier modules for XOOPS 2.0.x, XOOPS Cube 2.1, and ImpressCMS allows remote...

5.7AI score0.01065EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/04/28 12:0 a.m.39 views

JVN#31351020 Cross-site scripting vulnerabilities in multiple Bluemoon Inc. XOOPS modules

Mutiple modules provided by Blumoon Inc. for XOOPS 2.0.x / XOOPS Cube 2.1 / ImpressCMS are vulnerable to cross-site scripting. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Update the product to the latest version according to the information...

4.3CVSS6.1AI score0.01065EPSS
Exploits0
Packet Storm
Packet Storm
added 2007/06/15 12:0 a.m.22 views

popnupblog.txt

/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title PopnupBlog XOOPS Module Remote File Inclusion Vulnerability Description Blogging module for XOOPS CMS Vuln Code In /class/sendmail.php includeonce...

7.4AI score
Exploits0
Prion
Prion
added 2007/04/12 1:19 a.m.16 views

Sql injection

SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the getblogidfrompostid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and...

7.5CVSS9.1AI score0.02175EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2007/04/12 1:19 a.m.12 views

CVE-2007-1979

SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the getblogidfrompostid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and...

7.5CVSS8.4AI score0.02175EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2007/04/12 1:19 a.m.3 views

CVE-2007-1979

SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the getblogidfrompostid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and...

7.5CVSS6.4AI score0.02175EPSS
Exploits1References5
CVE
CVE
added 2007/04/12 1:0 a.m.49 views

CVE-2007-1979

CVE-2007-1979 refers to an SQL injection in the PopnupBlog module for XOOPS (index.php) up to version 2.52 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via the postid parameter, potentially involving get_blogid_from_postid in class/PopnupBlogUtils.php. ...

7.5CVSS8.4AI score0.02175EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2007/04/12 1:0 a.m.21 views

CVE-2007-1979

SQL injection vulnerability in index.php in the PopnupBlog 2.52 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the postid parameter, possibly involving the getblogidfrompostid function in class/PopnupBlogUtils.php. NOTE: later versions such as 3.03 and...

8.4AI score0.02175EPSS
Exploits1References4
seebug.org
seebug.org
added 2007/04/04 12:0 a.m.27 views

Xoops Module PopnupBlog &lt;= 2.52 (postid) BLIND SQL Injection Exploit

No description provided by source. html head titleXOOPS Module PopnupBlog = 2.52 postid BLIND SQL Injection Exploit/title script type="text/javascript" //'=============================================================================================== //'Script Name: XOOPS Module PopnupBlog = 2.52...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/04/03 12:0 a.m.27 views

XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================================== XOOPS Module PopnupBlog XOOPS Module PopnupBlog //'=============================================================================================== //'Script Name: XOOPS...

7.1AI score
Exploits0
Rows per page
Query Builder