Archive for the 'Blogs' Category

aflog SQL Injection

Application: aflog
Affected Version: 1.01 and other versions.
Vendor’s URL: http://aflog.org/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

WordPress PHP_Self Cross-Site Scripting Vulnerability

Application Affected:
WordPress WordPress 2.1.2
WordPress WordPress 2.1.1
WordPress WordPress 2.0.10
WordPress WordPress 2.0.7
WordPress WordPress 2.0.6
WordPress WordPress 2.0.5
WordPress WordPress 2.0.4
WordPress WordPress 2.0.3
WordPress WordPress 2.0.2
WordPress WordPress 2.0.1
WordPress WordPress 2.0
WordPress WordPress 2.2 Revision 5003
WordPress WordPress 2.2 Revision 5002
WordPress WordPress 2.1.3-RC1
WordPress WordPress 2.1
WordPress WordPress 2.0.10-RC1

Vendor’s URL: WordPress HomePage
Bug Type: Input Validation
Risk Level: Medium

Solution: The fix will be included in the newer version of WordPress, 2.2.2.

Mybloggie XSS Vulnerability

Application: mybloggie
Version: 2.1.5
Vendor’s URL: http://mywebland.com/download.php?id=19
Bug type: Cross Site Scripting
Risk: Medium

Solution:
- If you are using this CMS, watch the vendor site for a further update that fixes the bug mentioned.