7 matches found
sBlog 0.7.2 search.php keyword Variable POST Method XSS
No description provided by source. source: http://www.securityfocus.com/bid/17044/info sBlog is prone to HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
sBlog.txt
Product : sBlog 0.7.2 Vulnerability :sBlog SQL Injection and Path Disclosure Vulnerability Date of Disclosure : 02/05/06 Bugtraq ID : 17782 Summary: Software: sBlog 0.7.2 Site: http://servous.se/ Description: sBlog is a simple and new PHP Blog. Issue: Conducting a security benchmark on this open...
Sql injection
SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 in CVE-2006-1135...
CVE-2006-2189
SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 in CVE-2006-1135...
CVE-2006-2189
The CVE-2006-2189 issue affects sBlog 0.7.2, where search.php’s keyword parameter is not properly sanitized, allowing remote attackers to inject and execute arbitrary SQL commands. The vulnerability can also enable path disclosure as noted, indicating potential broader disclosure implications. Th...
CVE-2006-1135
CVE-2006-1135 documents multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2. The affected component is the web application’s search functionality (search.php) and comments submission handling (comments_do.php). The root cause is insufficient input sanitization, allowing an attacker...
sBlog_0.72_xss.txt
sBlog 0.7.2 == Multiple Cross-Site Scripting Vulnerability =================================== Information of Software: Software: sBlog 0.7.2 Site: http://servous.se/ Description: sBlog is a simple and new PHP Blog. Is very very simple and it's use by newbie of PHP...