15 matches found
EUVD-2008-4683
Malware in sbrugna...
EUVD-2007-5805
Malware in sbrugna...
EUVD-2007-5804
Malware in sbrugna...
CVE-2008-4703
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter...
Sql injection
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter...
CVE-2008-4703
CVE-2008-4703 describes a SQL injection in BosDev BosNews 4.0, exploitable via the article parameter in news.php. Affected component: BosNews 4.0 (news.php) with the vulnerability in the handling of the article field. Root cause: improper input handling leading to SQL injection, enabling remote a...
CVE-2008-4703
SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter...
Authentication flaw
Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service overwritten files and possibly obtain administrative access...
Cross site scripting
Cross-site scripting XSS vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post...
CVE-2007-5834
Cross-site scripting XSS vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post...
CVE-2007-5835
Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service overwritten files and possibly obtain administrative access...
CVE-2007-5835
Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service overwritten files and possibly obtain administrative access...
CVE-2007-5835
CVE-2007-5835 affects BosDev BosNews 4 and 5, where Install.php does not require authentication for replacing an existing installation or creating a new admin account. The described impact is denial of service via overwritten files and the possibility of obtaining administrative access. No explic...
CVE-2007-5834
CVE-2007-5834 is an XSS vulnerability in BosDev BosNews 4 that lets remote attackers inject arbitrary script/HTML via a SCRIPT element in a news post. Supported details from NVD: CVSS2 base score 4.3 (Medium), vector AV:N/AC:M/Au:N/C:N/I:P/A:N; attack requires network access, no authentication, b...
CVE-2007-5834
Cross-site scripting XSS vulnerability in BosDev BosNews 4 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in a news post...