17 matches found
EUVD-2007-1943
Malware in sbrugna...
EUVD-2007-1944
Malware in sbrugna...
EUVD-2008-3144
Malware in sbrugna...
CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
Sql injection
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2008-3154
CVE-2008-3154 is a SQL injection vulnerability in the WebBlizzard CMS, specifically in the index.php handling of the page parameter. The underlying issue allows remote attackers to modify the database by injecting SQL commands, with potential impact to confidentiality, integrity, and availability...
CVE-2008-3154
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter...
WebBlizzard CMS 'index.php' SQL注入漏洞
BUGTRAQ ID: 30074 CNCAN ID:CNCAN-2008070701 WebBlizzard CMS是一款基于PHP的WEB应用程序。 WebBlizzard CMS不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于'index.php'脚本对用户提交给WEB参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 WebBlizzard CMS 目前没有解决方案提供: http://www.webblizzard.de/ /usr/bin/perl |+| Vendor...
CMS WebBlizzard (index.php page) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications...
Cross site scripting
Cross-site scripting XSS vulnerability in indexcms.php in WebBlizzard CMS allows remote attackers to inject arbitrary web script or HTML via the Suchzeile parameter...
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
Session fixation
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1949
The CVE-2007-1949 entry describes a Session fixation vulnerability in WebBlizzard CMS where an attacker can hijack user sessions by setting a PHPSESSID cookie. The connected documents confirm the flaw affects WebBlizzard CMS and exposes session integrity risk, allowing remote exploitation via coo...
CVE-2007-1950
Cross-site scripting XSS vulnerability in indexcms.php in WebBlizzard CMS allows remote attackers to inject arbitrary web script or HTML via the Suchzeile parameter...
CVE-2007-1949
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie...
CVE-2007-1950
CVE-2007-1950 describes a cross-site scripting (XSS) vulnerability in WebBlizzard CMS, specifically in the file index_cms.php where the Suchzeile parameter accepts user input without proper sanitization. This allows remote attackers to inject arbitrary web script or HTML. The available documents ...
[MajorSecurity Advisory #42]webblizzard CMS - Cross Site Scripting and Session fixation Issues
MajorSecurity Advisory 42webblizzard CMS - Cross Site Scripting and Session fixation Issues Details ======= Product: webblizzard CMS Remote-Exploit: yes Vendor-URL: http://www.webblizzard.de/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...