EUVD-2003-0388

Malware in sbrugna...

BLNews 2.1.3 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be capable...

CVE-2003-0394

objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Serverpath parameter that points to malicious code on an attacker-controlled web site...

CVE-2003-0394

CVE-2003-0394 affects BLNews 2.1.3 where objects.inc.php4 is vulnerable to remote code execution via a Server[path] parameter pointing to attacker-controlled PHP code. The vulnerability enables an attacker to include remote PHP files, executing code with the web server’s privileges. Affected prod...

CVE-2003-0394

objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Serverpath parameter that points to malicious code on an attacker-controlled web site...

BLNews objects.inc.php4 Server[path] Parameter Remote File Inclusion

It is possible to make the remote host include remote PHP files using the BLnews CGI suite. A remote attacker may exploit this to execute arbitrary code with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: Thu, 22 May 2003 14:42:13 +0400 From: Ove...

PHP source code injection in BLNews

Product: BLNews Version: 2.1.3 OffSite: http://www.blnews.de/ Problem: PHP source code injection -------------------------------------------- Vulnerability: ------------admin/objects.inc.php4------------ if $itheme!="blubb" include"$Serverpath/admin/tools.inc.php4";...

BLNews 2.1.3 - Remote File Inclusion

source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be capable of executing arbitrary PHP comman...

BLNews 2.1.3 - Remote File Inclusion

BLNews 2.1.3 - Remote File Inclusion source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be...

PHP source code injection in BLNews

Product: BLNews Version: 2.1.3 OffSite: http://www.blnews.de/ Problem: PHP source code injection -------------------------------------------- Vulnerability: ------------admin/objects.inc.php4------------ if $itheme!="blubb" include"$Serverpath/admin/tools.inc.php4";...