19 matches found
EUVD-2007-3320
Malware in sbrugna...
EUVD-2007-3321
Malware in sbrugna...
CVE-2007-3330
Cross-site scripting XSS vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization...
CVE-2007-3331
Cross-site request forgery CSRF vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via 1 a certain HTML form that is posted automatically by JavaScript or 2 a news post...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via 1 a certain HTML form that is posted automatically by JavaScript or 2 a news post...
Cross site scripting
Cross-site scripting XSS vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization...
CVE-2007-3330
Cross-site scripting XSS vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization...
CVE-2007-3331
CVE-2007-3331 describes a cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 . The issue allows remote attackers to change the admin password through either (a) a specific HTML form auto-posted by JavaScript or (b) a crafted news post. The provided sources reiterate that CS...
CVE-2007-3331
Cross-site request forgery CSRF vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via 1 a certain HTML form that is posted automatically by JavaScript or 2 a news post...
CVE-2007-3330
CVE-2007-3330 describes a stored cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a news post that is stored in the news/ directory without proper sanitization. The root cause is the lack of input/outp...
[Full-disclosure] H4CREW-000005 EasyNews Pro 4.0 XSS & CSRF
I luv u Ms. Phisher u d4 d1am0nds 1n My Ski h4xorCrew Advirosy 5: Easynews PRO 4.0 XSS and CRSF =================================================== "the game of secuirity is like a sord fight you must think furst b4 you m0ve" H-4 h3r3 2 stay cuz we in da h0uz h4xorcewz n da house and r4w we g0nna...
CVE-2006-6866
STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt...
CVE-2006-6866
This CVE concerns STphp EasyNews PRO 4.0, where sensitive data is stored under the web root with insufficient access control. The vulnerability allows remote attackers to retrieve usernames, email addresses, and password hashes via a direct request for data/users.txt. The root cause is inadequate...
CVE-2006-6866
STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt...
EasyNews PRO News Publishing 4.0 Remote Password Disclosure Vulnerability
= EasyNews PRO News Publishing 4.0 Remote Password Disclosure Vulnerability = = Affected Software: Easy News 4.0 PRO = Risk: Critical = Download: http://www.stphp.com/scripts/EasyNewsPRO40.zip = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greets: str0ke, crashovernight, TheJT, Kacper...
EasyNews PRO News Publishing 4.0 Password Disclosure Vulnerability
No description provided by source. = EasyNews PRO News Publishing 4.0 Remote Password Disclosure Vulnerability = = Affected Software: Easy News 4.0 PRO = Risk: Critical = Download: http://www.stphp.com/scripts/EasyNewsPRO40.zip = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greets: str0ke...
EasyNews PRO News Publishing 4.0 - Password Disclosure
EasyNews PRO News Publishing 4.0 - Password Disclosure = EasyNews PRO News Publishing 4.0 Remote Password Disclosure Vulnerability Affected Software: Easy News 4.0 PRO = Risk: Critical = Download: http://www.stphp.com/scripts/EasyNewsPRO40.zip = Bugfounder: bd0rk = Contact: bd0rkathackermail.com ...
EasyNews PRO News Publishing 4.0 - Password Disclosure
= EasyNews PRO News Publishing 4.0 Remote Password Disclosure Vulnerability Affected Software: Easy News 4.0 PRO = Risk: Critical = Download: http://www.stphp.com/scripts/EasyNewsPRO40.zip = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greets: str0ke, crashovernight, TheJT, Kacper Usage:...
EasyNews PRO News Publishing 4.0 Password Disclosure Vulnerability
Exploit for unknown platform in category web applications ================================================================== EasyNews PRO News Publishing 4.0 Password Disclosure Vulnerability ================================================================== = Affected Software: Easy News 4.0 PRO...