21 matches found
CVE-2008-6047
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
EUVD-2009-2439
Malware in sbrugna...
EUVD-2008-6017
Malware in sbrugna...
EUVD-2008-6016
Malware in sbrugna...
EUVD-2009-2444
Malware in sbrugna...
Directory traversal
Directory traversal vulnerability in maillinglist/admin/changeconfig.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter...
CVE-2009-2449
Directory traversal vulnerability in maillinglist/admin/changeconfig.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter...
CVE-2009-2449
CVE-2009-2449 describes a directory traversal vulnerability in ADbNewsSender prior to 1.5.6, affecting maillinglist/admin/change_config.php. An attacker can use a .. (dot dot) in the path_to_lang parameter to cause the application to include and execute arbitrary local files. This leads to potent...
CVE-2009-2444
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
Directory traversal
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
CVE-2009-2444
The CVE-2009-2444 vulnerability affects ADbNewsSender and allows directory traversal through path_to_lang in setup/index.php, enabling remote inclusion and execution of local files. Affected versions are ADbNewsSender before 1.5.6 and 2.0 before RC2. The CVSS2 base score is 7.5 (HIGH) with NETWOR...
CVE-2009-2444
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
CVE-2008-6047
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
Cross site scripting
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
Sql injection
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
CVE-2008-6047
CVE-2008-6047 affects ADbNewsSender before 1.5.2. It describes a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script or HTML via vectors related to subscribing and unsubscribing. The reports do not provide exploit details, affected versions beyond 1.5....
CVE-2008-6046
CVE-2008-6046 affects ADbNewsSender prior to 1.5.2. The vulnerability is a SQL injection via unspecified vectors in mailinglist/ (opt_in_out.php.inc, confirmation.php.inc, renewal.php.inc). Remote attackers could potentially execute arbitrary SQL commands due to the underlying flaw in handling in...