UC Gateway Investment SiteEngine v5.0 - Open Redirect

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action. id: CVE-2008-7269 info: name: UC Gateway Investment SiteEngine v5.0 - Open...

EUVD-2008-7220

Malware in sbrugna...

EUVD-2010-4326

Malware in sbrugna...

EUVD-2008-7221

Malware in sbrugna...

EUVD-2008-7222

Malware in sbrugna...

CVE-2010-4357

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...

Boca website, the engine management system SiteEngine /rss. php, etc. 3 sql injection vulnerability

No description provided by source...

UC Gateway Investment SiteEngine 5.0 'announcements.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31889/info SiteEngine is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

siteengine 5.x Multiple Vulnerabilities

No description provided by source. SiteEngine 5.x Multiple Remote Vulnerabilities Due to incorrect use of intval function, leading to the logic of inspection parameters can be bypassed, resulting in SQL injection vulnerability. -=0x01=- SQL injection Vulnerability vul code like this: if intval $i...

UC Gateway Investment SiteEngine 5.0 'api.php' URI Redirection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31888/info SiteEngine is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing-style attacks. SiteEngine 5.0 is...

SiteEngine <= 7.1 - SQL Injection Vulnerability

No description provided by source. Title: SiteEngine 7.1 SQL injection Vulnerability Date: 2010-11-25 Author: Beach Team: www.linux520.com Vendor: www.siteengine.net www.boka.cn Dork: Powered by SiteEngine //300,000 + Language:PHP Greetz: birdarmy Description: Exploit this vulnerability comment...

SiteEngine 'module' SQL Injection Vulnerability

The host is running SiteEngine and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbsiteenginesqlinjvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ SiteEngine 'module' SQL Injection Vulnerability Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networks GmbH,...

SiteEngine 'module' SQL Injection Vulnerability

SiteEngine is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SiteEngine Version Detection

This script finds the running SiteEngine version. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-4357

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...

CVE-2008-7269

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action...

CVE-2008-7267

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

Open redirect

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action...

Sql injection

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...