EUVD-2006-3899

Malware in sbrugna...

wl40www240.webland.ch Cross Site Scripting vulnerability OBB-3502577

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

myevent-xss.txt

░░░▒▒▒▓▓▓▓█████████████████████████████████████████████████████▓▓▓▓▒▒▒░░░ ░░░▒▒▒▓▓▓▓ ▓▓▓▓▒▒▒░░░ ░░░▒▒▒▓▓▓▓ XSS Vulnerability ▓▓▓▓▒▒▒░░░ ░░░▒▒▒▓▓▓▓ myEvent viewevent.php XSS Vulnerability ▓▓▓▓▒▒▒░░░ ░░░▒▒▒▓▓▓▓ http://mywebland.com/ ▓▓▓▓▒▒▒░░░ ░░░▒▒▒▓▓▓▓ ▓▓▓▓▒▒▒░░░...

Design/Logic Flaw

hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header...

CVE-2006-4043

index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies the viewdate mode, which reveals the table prefix in a SQL error message...

CVE-2006-3905

SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the 1 postid parameter in index.php and 2 search function...

CVE-2006-3905

SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the 1 postid parameter in index.php and 2 search function...

CVE-2006-3905

Affected software: Webland MyBloggie 2.1.3. Vulnerability: SQL injection allowing remote attackers to execute arbitrary SQL commands via (1) the post_id parameter in index.php and (2) the search functionality. Root cause: unsafely constructed SQL queries exposed to user-controlled inputs. Impact:...