4 matches found
EUVD-2008-5789
Malware in sbrugna...
CVE-2008-5820
SQL injection vulnerability in eDNewsview.php in eDreamers eDNews 2 allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
CVE-2008-5819
Directory traversal vulnerability in eDNewsarchive.php in eDreamers eDNews 2, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lg parameter. NOTE: some of these details are obtained from third party information...
CVE-2008-5820
CVE-2008-5820: SQL injection in eDNews_view.php of eDreamers eDNews 2 via the newsid parameter (unsanitized input) allows remote attackers to alter/execute arbitrary SQL. Affected software is eDNews_view.php in eDNews 2; root cause is improper input handling. CVSS shows high impact (partial confi...