14 matches found
EUVD-2006-6257
Malware in sbrugna...
Expinion.net News Manager Lite 2.5 category_news_headline.asp XSS
No description provided by source. source: http://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the...
Expinion.net News Manager Lite 2.5 news_sort.asp filter Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the...
Expinion.net News Manager Lite 2.5 more.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the...
Expinion.net Member Management System 2.1 error.asp err Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9932/info It has been reported that a number of Member Management System scripts are prone to cross-site scripting vulnerabilities. These issues are reportedly due to a failure to sanitize user input and so allow HTML and...
Expinion.net Member Management System 2.1 news_view.asp ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9931/info It has been reported that Member Management System may be prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The problem is reported to...
Expinion.Net Member Management System 'REF_URL' Parameter Cross-Site Scripting Vulnerability
The host is running Member Management System and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmembermanagementsystemxssvuln.nasl 5750 2017-03-28 14:10:17Z cfi $ Expinion.Net Member Management System 'REFURL' Parameter Cross-Site Scripting Vulnerability Authors...
Expinion.Net Member Management System 'REF_URL' Parameter Cross-Site Scripting Vulnerability
Member Management System is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2006-6274
SQL injection vulnerability in articles.asp in Expinion.net iNews 1 Publisher iNP 2.5 and earlier, and possibly 2 News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The origina...
CVE-2006-6274
Summary: CVE-2006-6274 describes a SQL injection in the articles.asp path of Expinion.net iNews (Publisher/iNP) v2.5 and earlier, with possible scope to News Manager. The root cause is unsafely constructed SQL via the ex parameter, enabling remote attackers to execute arbitrary SQL commands. The ...
CVE-2006-6274
SQL injection vulnerability in articles.asp in Expinion.net iNews 1 Publisher iNP 2.5 and earlier, and possibly 2 News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The origina...
CVE-2006-6180
Cross-site scripting XSS vulnerability in articles.asp in Expinion.net iNews Publisher iNP 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-6180
Cross-site scripting XSS vulnerability in articles.asp in Expinion.net iNews Publisher iNP 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the hl parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party...
CVE-2006-6180
CVE-2006-6180 is a reflected cross-site scripting vulnerability in articles.asp of Expinion.net iNews Publisher (iNP) 2.5 and earlier, triggered by the hl parameter. Root cause: improper sanitization of user input allowing arbitrary script/HTML injection. Impact: partial confidentiality, integrit...