27 matches found
EUVD-2011-3692
Malware in sbrugna...
EUVD-2010-4159
Malware in sbrugna...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
Energine CMS SQL Injection Vulnerability
No description provided by source. Vulnerability ID: HTB22655 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenergine.html Product: Energine Vendor: Energine http://energine.org/ Vulnerable Version: Vendor Notification: 13 October 2010 Vulnerability Type: SQL Injection Status: Not Fixed...
energine 2.3.8 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status:...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
Information disclosure
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
CVE-2011-3734
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...
CVE-2011-3734
Energine 2.3.8 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (illustrated by core/framework/SimpleBuilder.class.php and related files). The impa...
Energine 2.3.8 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: Medium Credit: High-Tech...
Energine 2.3.8 Cross Site Request Forgery / Path Disclosure / SQL Injection
==================================== Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vendor: Energine http://www.memht.com/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010...
energine 2.3.8 - Multiple Vulnerabilities
energine 2.3.8 - Multiple Vulnerabilities Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection...
SQL injection vulnerability in Energine
Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vendor: Energine http://www.memht.com/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection...
XSRF (CSRF) in Energine
Vulnerability ID: HTB22782 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinenergine.html Product: Energine Vendor: Energine http://www.energine.org/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...
Path disclosure in Energine
Vulnerability ID: HTB22784 Reference: http://www.htbridge.ch/advisory/pathdisclosureinenergine.html Product: Energine Vendor: Energine http://www.energine.org/ Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: Path disclosure Status: N...
energine 2.3.8 - Multiple Vulnerabilities
Vulnerability ID: HTB22783 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinenergine.html Product: Energine Vulnerable Version: 2.3.8 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaitin...
Energine 'NRGNSID' Cookie SQL Injection Vulnerability
Energine is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-4185
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie...
Sql injection
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie...
CVE-2010-4185
SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the NRGNSID cookie...