15 matches found
EUVD-2008-1377
Malware in sbrugna...
EUVD-2009-1039
Malware in sbrugna...
Yap Blog 1.1 - 'index.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
Sql injection
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
CVE-2009-1038
CVE-2009-1038 concerns YAP Blog 1.1.1, which is reported to have multiple SQL injection vulnerabilities. The affected components are the (1) image_id parameter in comments.php and the (2) user parameter in a modif action to admin/index.php, potentially allowing an attacker to alter or read data v...
Yap Blog 'index.php' Remote File Include Vulnerability
Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...
Yap Blog < 1.1.1 RFI Vulnerability - Active Check
Yap Blog is prone to a remote file inclusion RFI vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1370
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1370
The provided connected sources confirm CVE-2008-1370 is a remote file inclusion vulnerability in Yap Blog’s index.php. Affected software: Yap Blog 1.1 (and up to 1.1.1 per OpenVAS entry). Root cause: insufficient sanitization/validation of user-supplied input, allowing a crafted URL in the page p...
yapblog-rfi.txt
Description: Yap Blog 1.1 Remote File Include RFI Script Name: Yap Blog 1.1 Author : THEMILLER contact : themilleratlinuxmail.org Download URL : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Bug Type: Remote File Inclusion Bug In: index.php Vulnerable Code: if isset$GET'page' include...
Yap Blog 1.1 - index.php Remote File Inclusion
Yap Blog 1.1 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and...
Yap Blog 1.1 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...