tzitaroth - Security Researcher - Exploit Intelligence Platform

CVE-2006-1114 EXPLOITDB text WRITEUP

Loudblog <0.42 - Path Traversal

Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php.

View Code

CVE-2006-1114 EXPLOITDB text WRITEUP

Loudblog <0.42 - Path Traversal

Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (b) inc/backend_settings.php.

View Code

CVE-2006-1113 EXPLOITDB text WRITEUP

Loudblog <0.42 - SQL Injection

SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter.

View Code