27 matches found
EUVD-2010-4159
Malware in sbrugna...
EUVD-2011-3692
Malware in sbrugna...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
Energine CMS SQL Injection Vulnerability
No description provided by source. Vulnerability ID: HTB22655 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenergine.html Product: Energine Vendor: Energine http://energine.org/ Vulnerable Version: Vendor Notification: 13 October 2010 Vulnerability Type: SQL Injection Status: Not Fixed...
energine 2.3.8 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
Information disclosure
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
CVE-2011-3734
Energine 2.3.8 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (illustrated by core/framework/SimpleBuilder.class.php and related files). The impa...
Energine 2.3.8 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech...
XSRF (CSRF) in Energine
Vulnerability ID: HTB22782 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinenergine.html Product: Energine Vendor: Energine http://www.energine.org/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...
energine 2.3.8 - Multiple Vulnerabilities
Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaitin...
Path disclosure in Energine
Vulnerability ID: HTB22784 Reference: http://www.htbridge.ch/advisory/pathdisclosureinenergine.html Product: Energine Vendor: Energine http://www.energine.org/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Path disclosure Status: N...
energine 2.3.8 - Multiple Vulnerabilities
energine 2.3.8 - Multiple Vulnerabilities Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection...
Energine 2.3.8 Cross Site Request Forgery / Path Disclosure / SQL Injection
==================================== Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vendor: Energine http://www.memht.com/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010...
SQL injection vulnerability in Energine
Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vendor: Energine http://www.memht.com/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection...
Energine 'NRGNSID' Cookie SQL Injection Vulnerability
Energine is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-4185
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie...
Sql injection
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie...
CVE-2010-4185
Energine 'NRGNSID' Cookie SQL Injection Vulnerability (CVE-2010-4185) affects index.php; the vulnerability allows remote attackers to inject SQL via the NRGNSID cookie, potentially affecting Energine versions 2.3.8 and earlier. The OpenVAS entry confirms SQLi in Energine and links to related advi...