30 matches found
EUVD-2008-6816
Malware in sbrugna...
EUVD-2007-6237
Malware in sbrugna...
EUVD-2007-6236
Malware in sbrugna...
EUVD-2008-2750
Malware in sbrugna...
EUVD-2008-2751
Malware in sbrugna...
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Absolute News Manager .NET 5.1 pages/default.aspx template Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Absolute News Manager .NET 5.1 getpath.aspx Direct Request Error Message Information
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Absolute News Manager .NET 5.1 pages/default.aspx template Variable Remote File Access
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
CVE-2008-6856
The CVE-2008-6856 entry concerns Xigla Software Absolute News Manager.NET 5.1. According to the provided records, the vulnerability allows remote attackers to bypass authentication and gain administrative access by setting a specific cookie value. The core issue is an authentication bypass via co...
Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability
No description provided by source. Discovered by : Hakxer Script : Absolute News Manager :http://www.xigla.com/absolutenmnet/demo.htm Greetz : Allah , Egyptian x Hacker , SQLInj4ct0r , Stealth , All my team Team : EgY Coders Team ----------------------------Start...
absolutenewsmanager-cookie.txt
Discovered by : Hakxer Script : Absolute News Manager :http://www.xigla.com/absolutenmnet/demo.htm Greetz : Allah , Egyptian x Hacker , SQLInj4ct0r , Stealth , All my team Team : EgY Coders Team ----------------------------Start Exploit----------------------------------- First Go to...
Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability
Exploit for unknown platform in category web applications ================================================================ Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability ================================================================ The following procedures methods may contain...
Absolute News Manager 5.1 - Insecure Cookie Handling
Absolute News Manager 5.1 - Insecure Cookie Handling Discovered by : Hakxer Script : Absolute News Manager :http://www.xigla.com/absolutenmnet/demo.htm Greetz : Allah , Egyptian x Hacker , SQLInj4ct0r , Stealth , All my team Team : EgY Coders Team ----------------------------Start...
Absolute News Manager 5.1 - Insecure Cookie Handling
Discovered by : Hakxer Script : Absolute News Manager :http://www.xigla.com/absolutenmnet/demo.htm Greetz : Allah , Egyptian x Hacker , SQLInj4ct0r , Stealth , All my team Team : EgY Coders Team ----------------------------Start Exploit----------------------------------- First Go to...
Sql injection
SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...
CVE-2008-2757
SQL injection vulnerability in search.asp in Xigla Absolute News Manager XE 3.2 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the 1 pblname and 2 text parameters to a admin/search.asp, 3 name parameter to b admin/publishers.asp, and other unspecified...
CVE-2008-2758
Multiple cross-site scripting XSS vulnerabilities in Xigla Absolute News Manager XE 3.2 allow remote authenticated administrators to inject arbitrary web script or HTML via the 1 pblname and 2 text parameters to a admin/search.asp, 3 name parameter to b admin/publishers.asp, and other unspecified...
CVE-2008-2757
The CVE-2008-2757 entry affects Xigla Absolute News Manager XE 3.2. Affected component: search.asp. Root cause: SQL injection via the orderby parameter, enabling remote authenticated administrators to execute arbitrary SQL commands. Impact: allows manipulation of backend databases (as described),...