21 matches found
CVE-2008-6047
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
EUVD-2009-2439
Malware in sbrugna...
EUVD-2009-2444
Malware in sbrugna...
EUVD-2008-6016
Malware in sbrugna...
EUVD-2008-6017
Malware in sbrugna...
Directory traversal
Directory traversal vulnerability in maillinglist/admin/changeconfig.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter...
CVE-2009-2449
Directory traversal vulnerability in maillinglist/admin/changeconfig.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter...
CVE-2009-2449
CVE-2009-2449 describes a directory traversal vulnerability in ADbNewsSender prior to 1.5.6, affecting maillinglist/admin/change_config.php. An attacker can use a .. (dot dot) in the path_to_lang parameter to cause the application to include and execute arbitrary local files. This leads to potent...
Directory traversal
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
CVE-2009-2444
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
CVE-2009-2444
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the pathtolang parameter to setup/index.php...
CVE-2009-2444
The CVE-2009-2444 vulnerability affects ADbNewsSender and allows directory traversal through path_to_lang in setup/index.php, enabling remote inclusion and execution of local files. Affected versions are ADbNewsSender before 1.5.6 and 2.0 before RC2. The CVSS2 base score is 7.5 (HIGH) with NETWOR...
CVE-2008-6047
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
Sql injection
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
Cross site scripting
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6047
Cross-site scripting XSS vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 subscribing and 2 unsubscribing...
CVE-2008-6046
SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in 1 optinout.php.inc, 2 confirmation.php.inc, and 3 renewal.php.inc in mailinglist/...
CVE-2008-6046
CVE-2008-6046 affects ADbNewsSender prior to 1.5.2. The vulnerability is a SQL injection via unspecified vectors in mailinglist/ (opt_in_out.php.inc, confirmation.php.inc, renewal.php.inc). Remote attackers could potentially execute arbitrary SQL commands due to the underlying flaw in handling in...