13 matches found
EUVD-2007-0125
Malware in sbrugna...
EUVD-2006-2005
Malware in sbrugna...
RI Blog 1.3 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21880/info RI Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...
CVE-2007-0121
Cross-site scripting XSS vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2007-0121
Cross-site scripting XSS vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter...
CVE-2007-0121
CVE-2007-0121 is an XSS vulnerability in RI Blog 1.3 (search.asp) that allows remote attackers to inject arbitrary script/HTML via the q parameter. Public records cite a CVSS v2 base score of 6.8 (Medium), with network attack vector and partial impact to confidentiality, integrity, and availabili...
riblog-xss.txt
BhhGroup.Org & Bilgi-Yonetimi.Org.Tr script name : RI Blog 1.3 Script Download : http://www.aspindir.com/indir.asp?id=4098 Risk : High Found By : ShaFuck31 Vulnerable file : search.asp Vulnerable : http://www.victim.com/BlogPath/search.asp?q=XSS ExampLe :...
RI Blog 1.3 XSS Vuln.
BhhGroup.Org & Bilgi-Yonetimi.Org.Tr script name : RI Blog 1.3 Script Download : http://www.aspindir.com/indir.asp?id=4098 Risk : High Found By : ShaFuck31 Vulnerable file : search.asp Vulnerable : http://www.victim.com/BlogPath/search.asp?q=XSS ExampLe :...
RI Blog 1.3 - 'search.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21880/info RI Blog is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user...
CVE-2006-2004
Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQL command via the 1 username or 2 password fields...
Sql injection
Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQL command via the 1 username or 2 password fields...
CVE-2006-2004
CVE-2006-2004 describes multiple SQL injection vulnerabilities in RI Blog 1.1 that allow remote attackers to execute arbitrary SQL commands through the (1) username or (2) password fields. The CVSS base score is 7.5 (HIGH) with network attack vector, low complexity, and no authentication required...
CVE-2006-2004
Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQL command via the 1 username or 2 password fields...