CVE-2023-51062

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...

Command injection

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command...

QStar Archive Solutions Security Breach

QStar Archive Solutions is QStar's range of storage technologies for managing disk arrays, object storage, tape libraries, optical libraries, WORM and clouds private and hybrid. A security vulnerability exists in the QStar Archive Solutions RELEASE3-0 Build 7 release that stems from an informatio...

PT-2024-14041 · Qstar · Qstar Archive Solutions

Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: The issue allows attackers to disclose the SMB Log contents via executing a crafted command, specifically through an unauthenticated log file read in the component...

SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitra...

CVE-2008-2183

CVE-2008-2183 is a reported SQL injection in SMartBlog 1.3, affecting the script index.php via the idt parameter. The underlying issue allows remote attackers to execute arbitrary SQL commands (partial data access/impact described as standard injection). The connected records provide concrete vec...

CVE-2008-2184

CVE-2008-2184 refers to multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3. The affected component is the application’s PHP code, with the issues exploitable through the following parameters: (1) mois, (2) an, (3) jour, and (4) id in index.php, and (5) login in gestion/logon.php...

CVE-2008-2185

The CVE-2008-2185 entry describes a directory traversal vulnerability in SMartBlog (aka SMBlog) 1.3. The vulnerability is in index.php and allows remote attackers to include arbitrary local files through directory traversal sequences supplied in the page parameter. This leads to potential exposur...

CVE-2006-1013

CVE-2006-1013 affects SMartBlog (SMBLog) 1.2 where index.php is vulnerable to a PHP remote file include via (1) the pg parameter and (2) a parameter-less query string. The vulnerability enables an attacker to include and execute arbitrary PHP files on the server. The CVSS-derived metrics in the p...

SMBlog Remote Command Exucetion

Offical webpage : http://superbounou.phpnet.org/smartblog/ Version : v1.2 http://www.site.com/path/index.php?evilcode?&cmd=id http://www.site.com/?pg=evilcode?&cmd=id Patriotic Hackers irc.gigachat.net kurdhack Botan,B3g0k,Seyh,Nistiman...

SMBlog 1.2 - Arbitrary PHP Command Execution

SMBlog 1.2 - Arbitrary PHP Command Execution source: https://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

SMBlog 1.2 - Arbitrary PHP Command Execution

source: https://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP commands on the vulnerable...