Phoenix Evolution CMS - '/modules/pageedit/index.php?pageid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GnuTLS Library provides support for cryptographic algorithms and protocols such as TLS...

CVE-2006-4678

PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the NEAbsPath parameter in 1 install.php and 2 migrateNE2toNE3.php...

CVE-2006-4678

The CVE-2006-4678 entry concerns News Evolution 3.0.3, which is vulnerable to a PHP remote file inclusion via the _NE[AbsPath] parameter in install.php and migrateNE2toNE3.php. The vulnerability is remote, requires no authentication, and can yield arbitrary PHP code execution. CVSS v2 base score ...

CVE-2006-4678

PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the NEAbsPath parameter in 1 install.php and 2 migrateNE2toNE3.php...

News Evolution v3.0.3 - Remote File Include Vulnerabilities

ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- News Evolution v3.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=825 Script : News Evolution v3.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE,...

News Evolution 3.0.3 _NE[AbsPath] Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== News Evolution 3.0.3 NEAbsPath Remote File Include Vulnerabilities ===================================================================== ERNE ---- ERNEALiZM ---- BU ASK...

News Evolution 3.0.3 _NE[AbsPath] Remote File Include Vulnerabilities

No description provided by source. ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- News Evolution v3.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=825 Script : News Evolution v3.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net...

News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion

News Evolution 3.0.3 - NEAbsPath Remote File Inclusion ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- News Evolution v3.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=825 Script : News Evolution v3.0.3 Credits : ERNE Contact : [email protected] a...

News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion

ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- News Evolution v3.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=825 Script : News Evolution v3.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE,...

CentOS 3 / 4 : Evolution (CESA-2005:267)

Updated evolution packages that fix a format string issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. A format string bug was found in...

CentOS 4 : gnutls (CESA-2006:0207)

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The GNU TLS Library provides support for cryptographic algorithms and protocols such as TLS. GN...

CentOS 3 : evolution (CESA-2005:238)

Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. Evolution includes a mailer, calendar, contact manage...

Mandrake Linux Security Advisory : evolution (MDKSA-2006:094)

Evolution, as shipped in Mandriva Linux 2006.0, can crash displaying certain carefully crafted images, if the 'Load images if sender is in address book' option in enabled in Edit | Preferences | Mail Preferences | HTML. Packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenab...

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...

Null pointer dereference

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...

DEBIAN-CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...

CVE-2006-2789

Evolution 2.2.x/2.3.x on GNOME 2.7/2.8 is affected. When the option “load images if sender in addressbook” is enabled, a crafted From header can trigger an assert in camel-internet-address.c using a null pointer, causing a persistent crash (denial of service). This vulnerability is evidenced acro...

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...