EUVD-2007-3385

Malware in sbrugna...

EUVD-2006-7088

Malware in sbrugna...

Power Phlogger <= 2.0.9 (config.inc.php3) File Include Vulnerability

No description provided by source...

Power Phlogger 2.2.x Cross-site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37150/info Power Phlogger is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers can exploit this issue to steal cookie-based authentication...

Power Phlogger Cross-site Scripting Vulnerability

Power Phlogger is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user- supplied input. Attackers can exploit this issue to steal cookie-based authentication credentials or to control how the site is rendered to the user. Power Phlogger 2.2.5 is...

Power Phlogger Cross-site Scripting Vulnerability

Power Phlogger is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: information leakage, protection bypass, unauthorized access...

New vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Information Leakage, Insufficient Anti-automation и Insufficient Authentication уязвимостях в Power Phlogger. Information Leakage: В скрипте счётчика pphlogger.js, или в коде вызова скрипта с сервера системы в параметре id, на сайте...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: DoS against user's account and server...

New vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Abuse of Functionality та Denial of Service уязвимостях в Power Phlogger. Abuse of Functionality: Уязвимость в системе восстановления создания нового пароля http://site/dspNewPw.php. Зная "Имя пользователя" или "e-mail" id, который есть...

SQL Injection and DoS vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых SQL Injection и DoS уязвимостях в Power Phlogger. SQL Injection: Уязвимость можно использовать в частности для удаления стилей в том числе системных: http://site/edCss.php?cssstr=22/&action=delete Или для проведения DoS атак:...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: SQL injection, DoS...

New vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Insufficient Anti-automation, Abuse of Functionality и Information Leakage уязвимостях в Power Phlogger. Insufficient Anti-automation: На странице регистрации http://site/dspSignup.php нет защиты от автоматизированных запросов капчи. Abuse o...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: automated account registration, DoS...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: crossite scripting, DoS...

New vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Cross-Site Scripting и Abuse of Functionality уязвимостях в Power Phlogger. XSS: Это reflected и persistent XSS. http://site/edCss.php?action=create+new&fields5Bcss5D=3Cscript3Ealertdocument.cookie3C/script3E Код в дальнейшем исполняется при...

Multiple new vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Denial of Service, Information Leakage и Cross-Site Scripting уязвимостях в Power Phlogger. DoS: http://site/newaccountself.php Скрипт редиректит сам на себя зацикленный редирект. Что может создать большую нагрузку на сервер. Information...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger - information leak, crossite scripting. Simple Machines - crossite scripting...

Power Phlogger 2.2.5 - css_str SQL Injection

Power Phlogger 2.2.5 - cssstr SQL Injection SQL Injection vulnerability in Power Phlogger By MustLive http://websecurity.com.ua Detailed information: http://websecurity.com.ua/2158/ Description: SQL Injection vulnerability in Power Phlogger it is PHP/MySQL logging tool via counters. To make SQL...

Power Phlogger 2.2.5 (css_str) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== Power Phlogger 2.2.5 cssstr SQL Injection Vulnerability ========================================================== SQL Injection vulnerability in Power Phlogger Description: SQL...