11 matches found
EUVD-2006-4843
Malware in sbrugna...
Malicious Package
Overview: @kibt/weblogger is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...
Malicious code in @kibt/weblogger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035a055f53a5761085351a9e6b15c91eb2005049497022de631fd5a382021333 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-378 Malicious code in @kibt/weblogger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035a055f53a5761085351a9e6b15c91eb2005049497022de631fd5a382021333 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
TheBlog 2.0 SQL Injection / Cross Site Scripting
= 5, on SQL codes to insert, you must replace all: TYPE=MyISAM By: ENGINE=InnoDB -+- We discovered multiple vulnerabilities on this system. All in index.php, vars: SQL Injection index.php?id=sqli index.php?cat=sqli index.php?archives=sqli without "-" XSS Persistent stored When reading a post, cli...
PowerPhlogger Detection
This host is running PowerPhlogger, a complete counter hosting tool. It lets you offer counter service to others from your site. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Roller Weblogger contains a cross-site scripting vulnerability
Overview: A cross-site scripting vulnerability in Roller Weblogger may allow an attacker to read or modify data in web pages and cookies. Description: There is a cross-site scripting vulnerability in the way that Roller handles data supplied in the comments section of a web page running the Roller...
CVE-2006-4856
Multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogger 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, or (3) url parameters; (4) certain content parameters in the preview method; or (5) the q parameter in a sitesearch.do...
CVE-2006-4856
Multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogger 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, or (3) url parameters; (4) certain content parameters in the preview method; or (5) the q parameter in a sitesearch.do...
CVE-2006-4856
CVE-2006-4856 describes multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogger 2.3. The issue affects input handling through parameters such as name, email, url, content in preview, and q in sitesearch.do, allowing injection of arbitrary script/HTML. CERT notes a fix in Roller We...
Roller Weblogger XSS vulnerability
I. BACKGROUND: Roller is the open source blog server that drives Sun Microsystems' blogs.sun.com employee blogging site, IBM DeveloperWorks blogs, thousands of internal blogs at IBM Blog Central, the Javalobby's 10,000 user strong JRoller Java community site, and hundreds of other blogs world-wide...