EUVD-2005-0911

Malware in sbrugna...

EUVD-2005-0912

Malware in sbrugna...

EXoops Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12915/info Multiple input validation vulnerabilities reportedly affect exoops. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions...

phpRPC Library rpc_decoder.php decode() Function Arbitrary Code Execution

The remote host has installed on it the phpRPC library, an xmlrpc library written in PHP and bundled with applications such as RunCMS and exoops. The version of phpRPC on the remote host fails to sanitize user input to the 'server.php' script before using it in an 'eval' function, which may allow...

CVE-2005-0828

highlight.php in 1 RUNCMS 1.1A, 2 CIAMOS 0.9.2 RC1, 3 e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops exoops, allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from...

CVE-2005-0910

Multiple cross-site scripting XSS vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via 1 the sortdays parameter to viewforum.php or 2 the viewcat parameter to index.php...

CVE-2005-0910

Multiple cross-site scripting XSS vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via 1 the sortdays parameter to viewforum.php or 2 the viewcat parameter to index.php...

CVE-2005-0910

CVE-2005-0910 refers to multiple XSS vulnerabilities in exoops. The vulnerability allows remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php. Affected software is exoops (specific version details are not...

CVE-2005-0911

CVE-2005-0911 affects the XOOPS platform, with multiple SQL injection vulnerabilities in index.php. Specifically, the viewcat parameter of index.php and the artid parameter in the viewarticle action are vulnerable, allowing remote attackers to execute arbitrary SQL commands. The description indic...

CVE-2005-0911

Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via 1 the viewcat parameter to index.php or 2 the artid parameter in the viewarticle action for index.php...

CVE-2005-0911

Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via 1 the viewcat parameter to index.php or 2 the artid parameter in the viewarticle action for index.php...

[SA14697] exoops Cross-Site Scripting and SQL Injection Vulnerabilities

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: exoops Cross-Site Scripting and SQL Injection...

EXoops - Multiple Input Validation Vulnerabilities

EXoops - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/12915/info Multiple input validation vulnerabilities reportedly affect exoops. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out...

PT-2005-1857 · Ciamos +2 · Ciamos +2

Name of the Vulnerable Software and Affected Versions: RUNCMS version 1.1A CIAMOS version 0.9.2 RC1 e-Xoops version 1.05 Rev3 Description: The issue allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter. This can be used to read sensitive information...