17 matches found
EUVD-2005-4522
Malware in sbrugna...
EUVD-2010-1370
Malware in sbrugna...
Direct News 4.10.2 - Multiple Remote File Include Vulnerability
No description provided by source. \|/// \ - - // @ @ ----oOOo---oOOo-------------------------------------------------- Direct News 4.10.2 Multiple Remote File Include Vulnerability Script: http://code.google.com/p/directnews/downloads/list Author: mat Mail: [email protected]...
CVE-2010-1342
Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 admin/menu.php and 2 library/lib.menu.php; and the adminroot parameter to 3...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 admin/menu.php and 2 library/lib.menu.php; and the adminroot parameter to 3...
CVE-2010-1342
Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 admin/menu.php and 2 library/lib.menu.php; and the adminroot parameter to 3...
CVE-2010-1342
CVE-2010-1342 affects Direct News 4.10.2. It describes multiple remote file inclusion vulnerabilities when register_globals is enabled, allowing an attacker to execute arbitrary PHP code via a URL parameter in either rootpath (admin/menu.php, library/lib.menu.php) or adminroot (admin/media/update...
Direct News 4.10.2 Remote File Inclusion
\|/// \ - - // @ @ ----oOOo---oOOo-------------------------------------------------- Direct News 4.10.2 Multiple Remote File Include Vulnerability Script: http://code.google.com/p/directnews/downloads/list Author: mat Mail: [email protected]...
Direct News 4.10.2 Multiple Remote File Include Vulnerability
No description provided by source. \|/// \ - - // @ @ ----oOOo---oOOo-------------------------------------------------- Direct News 4.10.2 Multiple Remote File Include Vulnerability Script: http://code.google.com/p/directnews/downloads/list Author: mat Mail: [email protected]...
Direct News 4.10.2 Multiple Remote File Include Vulnerability
Exploit for php platform in category web applications ============================================================= Direct News 4.10.2 Multiple Remote File Include Vulnerability ============================================================= \|/// \ - - // @ @...
Direct News 4.10.2 - Multiple Remote File Inclusions
\|/// \ - - // @ @ ----oOOo---oOOo-------------------------------------------------- Direct News 4.10.2 Multiple Remote File Include Vulnerability Script: http://code.google.com/p/directnews/downloads/list Author: mat Mail: [email protected]...
CVE-2005-4527
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via 1 the setLang parameter in index.php and 2 unspecified search module parameters...
CVE-2005-4527
CVE-2005-4527 involves Direct News 4.9 with multiple SQL injection vulnerabilities. The issues allow remote attackers to execute arbitrary SQL via (1) the setLang parameter in index.php and (2) unspecified search module parameters. NVD reports a base score of 7.5 (HIGH) with Network attack vector...
CVE-2005-4527
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via 1 the setLang parameter in index.php and 2 unspecified search module parameters...
Direct News 4.9 - index.php SQL Injection
Direct News 4.9 - index.php SQL Injection source: https://www.securityfocus.com/bid/15957/info Direct News is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitatio...
Direct News 4.9 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/15957/info Direct News is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
Direct News SQL inj.
Direct News SQL inj. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/direct-news-sql-inj.html vendor: http://www.direct-news.net affected version: 4.9 and prior Product Description: Direct News 4.9 is an easy-to-use CMS based on php-mysql. Its rea...