CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter aka the Username field. NOTE: some of these details are obtained from third party information...
SQL injection
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the txtUsername parameter aka the Username field. NOTE: some of these details are obtained from third party information...
CVE-2009-1453
CVE-2009-1453 : A SQL injection vulnerability exists in Tiny Blogr 1.0.0 rc4, specifically in class.eport.php. When magic_quotes_gpc is disabled, an attacker can manipulate the txtUsername parameter (the Username field) to execute arbitrary SQL commands remotely. This is a classic input-validatio...
Tiny Blogr 1.0.0 rc4 (Auth Bypass) SQL Injection Vulnerability
No description provided by source. Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...
Tiny Blogr 1.0.0 rc4 Authentication Bypass
Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact:...
Tiny Blogr 1.0.0 rc4 (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Tiny Blogr 1.0.0 rc4 Auth Bypass SQL Injection Vulnerability. Salvatore "drosophila" Fresta + Application: Tiny...
Tiny Blogr 1.0.0 RC4 SQL Injection
Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact:...
Tiny Blogr 1.0.0 rc4 - Authentication Bypass
Tiny Blogr 1.0.0 rc4 - Authentication Bypass Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...
Tiny Blogr 1.0.0 rc4 - Authentication Bypass
Salvatore "drosophila" Fresta + Application: Tiny Blogr + Version: 1.0.0 rc4 + Website: http://tinyblogr.sourceforge.net + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 17 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact:...
Cisco IOS Tiny shellcode v1.0
No description provided by source. Cisco IOS Tiny shellcode v1.0 (c) 2007 IRM Plc By Gyan Chawdhary. The code creates a ne...
Tiny Portal 1.0 - 'shouts' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28630/info Tiny Portal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context o...
SQL injection
SQL injection vulnerability in index.php in the Tiny Event tinyevent 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811...
CVE-2008-0937
SQL injection vulnerability in index.php in the Tiny Event tinyevent 1.01 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action, a different vector than CVE-2007-1811...
CVE-2008-0937
The CVE-2008-0937 entry describes a SQL injection vulnerability in the Tiny Event (tinyevent) 1.01 module for XOOPS. An attacker can manipulate the id parameter in a print action to execute arbitrary SQL commands. The connected documents corroborate the vulnerability, including references to rela...
XOOPS Tiny Event 1.01 - print Option SQL Injection
XOOPS Tiny Event 1.01 - print Option SQL Injection source: https://www.securityfocus.com/bid/27931/info Tiny Event is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
XOOPS Tiny Event 1.01 - 'print' Option SQL Injection
source: https://www.securityfocus.com/bid/27931/info Tiny Event is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
Debian Security Advisory DSA 986-1 (gnutls11)
The remote host is missing an update to gnutls11 announced via advisory DSA 986-1. Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component of the Tiny ASN.1 Library, which is also present and used in GnuTLS, the GNU implementation for Transport Laye...
Debian Security Advisory DSA 985-1 (libtasn1-2)
The remote host is missing an update to libtasn1-2 announced via advisory DSA 985-1. Evgeny Legerov discovered several out-of-bounds memory accesses in the DER decoding component of the Tiny ASN.1 Library that allows attackers to crash the DER decoder and possibly execute arbitrary code...