15 matches found
EUVD-2008-1377
Malware in sbrugna...
EUVD-2009-1039
Malware in sbrugna...
Yap Blog 1.1 - 'index.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
Sql injection
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
CVE-2009-1038
CVE-2009-1038 concerns YAP Blog 1.1.1, which is reported to have multiple SQL injection vulnerabilities. The affected components are the (1) image_id parameter in comments.php and the (2) user parameter in a modif action to admin/index.php, potentially allowing an attacker to alter or read data v...
CVE-2009-1038
Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the 1 imageid parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the 2 user parameter in a modif action to admin/index.php...
Yap Blog 'index.php' Remote File Include Vulnerability
Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...
Yap Blog < 1.1.1 RFI Vulnerability - Active Check
Yap Blog is prone to a remote file inclusion RFI vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1370
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1370
The provided connected sources confirm CVE-2008-1370 is a remote file inclusion vulnerability in Yap Blog’s index.php. Affected software: Yap Blog 1.1 (and up to 1.1.1 per OpenVAS entry). Root cause: insufficient sanitization/validation of user-supplied input, allowing a crafted URL in the page p...
yapblog-rfi.txt
Description: Yap Blog 1.1 Remote File Include RFI Script Name: Yap Blog 1.1 Author : THEMILLER contact : themilleratlinuxmail.org Download URL : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Bug Type: Remote File Inclusion Bug In: index.php Vulnerable Code: if isset$GET'page' include...
Yap Blog 1.1 - index.php Remote File Inclusion
Yap Blog 1.1 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and...
Yap Blog 1.1 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...