Lucene search
K

58 matches found

Exploit DB
Exploit DB
added 2005/06/20 12:0 a.m.29 views

UApplication Ublog Reload 1.0.5 - 'Trackback.asp' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13994/info Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/06/20 12:0 a.m.20 views

Ublog Reload 1.0.5 - 'blog_comment.asp?y' SQL Injection

source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/06/20 12:0 a.m.23 views

[SA15747] Ublog Reload SQL Injection and Cross-Site Scripting

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2005/06/20 12:0 a.m.13 views

Ublog Reload 1.0.5 - blog_comment.asp?y SQL Injection

Ublog Reload 1.0.5 - blogcomment.asp?y SQL Injection source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2005/05/03 4:0 a.m.13 views

CVE-2005-1426

Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb aka mdb-database/blog.msb...

6.3AI score0.01541EPSS
Exploits1References4
NVD
NVD
added 2005/05/03 4:0 a.m.9 views

CVE-2005-1426

Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb aka mdb-database/blog.msb...

5CVSS6.3AI score0.01541EPSS
Exploits1References4
CVE
CVE
added 2005/05/03 4:0 a.m.33 views

CVE-2005-1426

Affected software: Ublog Reload (Uapplication Ublog Reload). Vulnerable component: mdb-database/blog.mdb (aka blog.msb) exposed under the web root. Root cause: insufficient access control in the web root enables direct HTTP retrieval of the database by remote attackers. Impact: potential unauthor...

5CVSS6.7AI score0.01541EPSS
Exploits1References4
NVD
NVD
added 2005/05/02 4:0 a.m.6 views

CVE-2005-0925

Cross-site scripting XSS vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

4.3CVSS5.8AI score0.01992EPSS
Exploits1References6
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-0938

Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb...

5CVSS6.6AI score0.01388EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2005/04/02 12:0 a.m.20 views

UblogXSS.txt

PersianHacker.NET 200503-11Ublog reload 1.0.4 and prior Multiple Vulnerbilities Date: 2005 03 Bug Number: 11 Ublog Ublog reload is a complete ASP weblog system. More info @: http://www.uapplication.com Discussion: -------------------- What are the bugs ? 1 Cross-Site Scripting that lets attackers...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/03/31 12:0 a.m.34 views

[PersianHacker.NET 200503-11]Ublog reload 1.0.4 and prior Multiple Vulnerbilities

PersianHacker.NET 200503-11Ublog reload 1.0.4 and prior Multiple Vulnerbilities Date: 2005 03 Bug Number: 11 Ublog Ublog reload is a complete ASP weblog system. More info @: http://www.uapplication.com Discussion: -------------------- What are the bugs ? 1 Cross-Site Scripting that lets attackers...

1AI score
Exploits0
CVE
CVE
added 2005/03/30 5:0 a.m.51 views

CVE-2005-0938

The CVE concerns Ublog Reload 1.0–1.0.4, where the application stores ublogreload.mdb under the web root. This enables an attacker to read usernames and hashed passwords by making a direct request to ublogreload.mdb, exposing authentication data. The underlying issue is exposure of the MDB databa...

5CVSS7AI score0.01388EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2005/03/30 5:0 a.m.22 views

CVE-2005-0938

Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb...

6.6AI score0.01388EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/03/29 5:0 a.m.11 views

CVE-2005-0925

Cross-site scripting XSS vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

5.8AI score0.01992EPSS
Exploits1References6
CVE
CVE
added 2005/03/29 5:0 a.m.38 views

CVE-2005-0925

CVE-2005-0925 affects Ublog Reload 1.0–1.0.4. Affected component: login.asp, vulnerable parameter: msg, enabling Cross‑site Scripting (XSS) by remote attackers to inject arbitrary script/HTML. Impact aligns with partial integrity concerns and no confidentiality/availability loss per CVSS—base 4.3...

4.3CVSS6AI score0.01992EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2005/03/29 12:0 a.m.25 views

Ublog < 1.0.5 login.asp msg Parameter XSS

Binary data 2776.prm...

4.3CVSS7.3AI score0.01992EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2005/03/29 12:0 a.m.23 views

UApplication Ublog 1.0.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentia...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/03/29 12:0 a.m.15 views

UApplication Ublog 1.0.x - Cross-Site Scripting

UApplication Ublog 1.0.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/12931/info Ublog is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate th...

6.8AI score
Exploits0
Rows per page
Query Builder