6 matches found
EUVD-2005-1058
Malware in sbrugna...
TowerBlog Admin Bypass
The remote host is running TowerBlog, a single-user content management system, written in PHP. Due to design error, an attacker may be granted administrative privileges by requesting the page SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced...
CVE-2005-1055
TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the dat/login file...
CVE-2005-1055
CVE-2005-1055 (TowerBlog): TowerBlog 0.6 and earlier stores the login data file under the web root, enabling remote access to the file via a direct request to the _dat/login path. This exposes MD5 checksums of usernames and passwords, constituting a partial confidentiality impact. The connected r...
[Full-disclosure] TowerBlog <= 0.6 Admin Account View [x0n3-h4ck]
-=--------------------ADVISORY-------------------=- -= =- -= TowerBlog = 0.6 =- -= =- -= Author: CorryL x0n3-h4ck.org =- -= =- -=-----------------------------------------------------=- -=+ Application: TowerBlog -=+ Version: 0.6 -=+ Vendor's URL: http://tower.hybryd.org/?x=home -=+ Platform:...
CVE-2005-1055
TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the dat/login file...