EUVD-2006-2085

Malware in sbrugna...

EUVD-2006-1822

Malware in sbrugna...

EUVD-2006-3597

Malware in sbrugna...

EUVD-2006-1823

Malware in sbrugna...

FarsiNews 2.1 Loginout.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16440/info FarsiNews is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

FarsiNews 2.1/2.5 show_archives.php template Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/16580/info FarsiNews is prone to directory-traversal and local file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit the...

FarsiNews 2.1/2.5 Search.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17534/info FarsiNews is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of...

Farsinews 3.0 Tiny_mce_gzip.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18925/info Farsinews is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable...

FarsiNews 2.5.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17701/info FarsiNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have...

farsinews <= 2.5 - Directory Traversal arbitrary (users.db) access exploit

No description provided by source. !/usr/bin/perl FarsiNews 2.5pro Show User&Passowrd Exploit by Hessam-x www.hessamx.net / | \ | | / \ \ / | |/ // \ \ / \ Y // \ | \ /| | // / | / /\ | \ | / \ / / / / / / Iran Hackerz Security Team WebSite: www.hackerz.ir Description Name : FarsiNews...

Farsi News 3.0 Backup Disclosure

======================================================================================== | Title : Farsi News 3.0 Backup Dump Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | | Web Site : http://dl.p30vel.ir/scripts/[email protected]...

CVE-2006-3602

Directory traversal vulnerability in jscripts/tinymce/tinymcegzip.php in FarsiNews 3.0 BETA 1 allows remote attackers to include arbitrary files via a .. dot dot sequence and trailing null %00 byte in the language parameter in the advanced theme...

CVE-2006-3602

Directory traversal vulnerability in jscripts/tinymce/tinymcegzip.php in FarsiNews 3.0 BETA 1 allows remote attackers to include arbitrary files via a .. dot dot sequence and trailing null %00 byte in the language parameter in the advanced theme...

CVE-2006-3602

CVE-2006-3602 affects FarsiNews 3.0 BETA 1, via directory traversal in jscripts/tiny_mce/tiny_mce_gzip.php. The underlying flaw allows remote attackers to include arbitrary files by supplying .. and a trailing null (%00) byte in the language parameter of the advanced theme, enabling partial integ...

Farsinews 3.0 - Tiny_mce_gzip.php Directory Traversal

Farsinews 3.0 - Tinymcegzip.php Directory Traversal source: https://www.securityfocus.com/bid/18925/info Farsinews is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...

Farsinews 3.0 - &#039;Tiny_mce_gzip.php&#039; Directory Traversal

source: https://www.securityfocus.com/bid/18925/info Farsinews is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affecte...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameters in a index.php, and the 3 mod parameter in b admin.php...

CVE-2006-2084

Multiple cross-site scripting XSS vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameters in a index.php, and the 3 mod parameter in b admin.php...

CVE-2006-2084

Multiple cross-site scripting XSS vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameters in a index.php, and the 3 mod parameter in b admin.php...

CVE-2006-2084

CVE-2006-2084 describes multiple cross-site scripting (XSS) vulnerabilities in the FarsiNews 2.5.3 Pro and earlier. The flaws allow remote attackers to inject arbitrary web script or HTML through: (1) the month parameter and (2) the year parameter in index.php, and (3) the mod parameter in admin....