14 matches found
EUVD-2006-3107
Malware in sbrugna...
EUVD-2006-3109
Malware in sbrugna...
EUVD-2006-3108
Malware in sbrugna...
CVE-2006-3112
Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php.php, which displays the output of the phpinfo function...
CVE-2006-3110
Cross-site scripting XSS vulnerability in main.php in Chipmailer 1.09 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 betreff, 3 mail, and 4 text parameters...
CVE-2006-3111
Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by 1 anfang, 2 name, 3 mail, 4 anrede, 5 vorname, 6 nachname, 7 gebtag, 8 gebmonat, and 9 gebjahr...
CVE-2006-3111
Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by 1 anfang, 2 name, 3 mail, 4 anrede, 5 vorname, 6 nachname, 7 gebtag, 8 gebmonat, and 9 gebjahr...
CVE-2006-3111
Chipmailer 1.09 contains multiple SQL injection flaws in main.php that let remote attackers execute arbitrary SQL commands via parameters (anfang, name, mail, anrede, vorname, nachname, gebtag, gebmonat, gebjahr) with network access and no authentication. The NVD entry IDs CVE-2006-3111 document ...
CVE-2006-3110
Cross-site scripting XSS vulnerability in main.php in Chipmailer 1.09 allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 betreff, 3 mail, and 4 text parameters...
CVE-2006-3112
Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php.php, which displays the output of the phpinfo function...
CVE-2006-3112
The CVE-2006-3112 issue affects Chipmailer 1.09 and allows remote attackers to obtain sensitive information by issuing a direct request to php.php, which exposes the output of phpinfo. This directly implies partial confidentiality impact as described, but exploitation details, affected versions b...
CVE-2006-3110
The CVE-2006-3110 issue affects Chipmailer 1.09 and is a Cross-site Scripting (XSS) vulnerability in main.php, exploitable through the (1) name, (2) betreff, (3) mail, and (4) text parameters. The NVD entry documents a MEDIUM impact (CVSS v2: AV:N/AC:M/Au:N/C:N/I:P/A:N) with a base score of 4.3. ...
Chipmailer <= 1.09 Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Chipmailer = 1.09 Multiple Vulnerabilities Release Date: 2006/06/13 Last Modified: 2006/06/13 Author: Tamriel tamriel at gmx dot net Application: Chipmailer = 1.09 Risk: Medium Vendor Status: no patch available Vendor Site: chipmailer.de...
chipmailer109.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Chipmailer "; ... Nothing will be checked so an attacker can send the site administrator some shit. In the complete script you can found this vulnerabilities so i mention only one example here. 2 SQL Injection Vulnerability in main.php arrou...