9 matches found
EUVD-2008-5248
Malware in sbrugna...
EUVD-2008-5249
Malware in sbrugna...
CVE-2008-5271
Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...
Directory traversal
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the template parameter to 1 starnet/editors/fckeditor/studenteditor.php; 2 starnet/modules/snnews/editcontent.php, reached through...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...
CVE-2008-5271
Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...
CVE-2008-5271
CVE-2008-5271 describes a Cross-site scripting (XSS) vulnerability in the SyndeoCMS 2.6.0 package (index.php) where the section parameter can be exploited to inject arbitrary web script/HTML. The cited sources confirm the vulnerability exists in SyndeoCMS 2.6.0 and indicate remote exploitation po...
CVE-2007-5840
PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2...
CVE-2007-5840
The CVE-2007-5840 entry concerns SyndeoCMS 2.5.01 (Fred Stuurman) with a PHP remote file inclusion flaw in starnet/themes/c-sky/main.inc.php. The underlying issue is an insecure cmsdir parameter that allows including a URL, enabling remote attackers to execute arbitrary PHP code. This vector is d...