EUVD-2005-3951

Malware in sbrugna...

DMANews 0.9 - Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/15628/info DMANews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...

CVE-2005-3956

Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 and 0.910 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in a comments action and the 2 sortorder and 3 displaynum parameters in a newslist action...

CVE-2005-3956

DMANews 0.904 and 0.910 are affected by multiple SQL injection vulnerabilities in index.php. The flaws allow remote attackers to inject arbitrary SQL commands through (1) the id parameter in a comments action and (2) the sortorder and (3) display_num parameters in a news_list action. The provided...

CVE-2005-3956

Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 and 0.910 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter in a comments action and the 2 sortorder and 3 displaynum parameters in a newslist action...

DMANews 0.9 - Multiple SQL Injections

DMANews 0.9 - Multiple SQL Injections source: https://www.securityfocus.com/bid/15628/info DMANews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

DMANews Multiple SQL inj. vuln.

DMANews Multiple SQL inj. vuln. Vuln. dicovered by : r0t Date: 25 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/dmanews-multiple-sql-inj-vuln.html Vendor:http://www.dmanews.com/ affected version: 0.904 latest downloadable version and v0.910 Development version Product description...