EUVD-2006-5211

Malware in sbrugna...

EUVD-2006-5701

Malware in sbrugna...

Freenews <= 1.1 (moteur.php) Remote File Include Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Freenews v1.1 = chemin Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by...

FreeNews 2.1 Include Undefined Variable Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6258/info FreeNews is a freely available, open source News software package. It is written in PHP, and designed for use on Unix and Linux operating systems. Programming errors in FreeNews could lead to the inclusion of...

Freenews 1.1 Aff_News.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20795/info Freenews is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyin...

FreeNews 1.1 Cross Site Scripting

Module : FREENEWS Version : 1.1 Edited by : prologin.fr Download : http://www.phpscripts-fr.net/scripts/download.php?id=688 Vulnerability : XSS vulnerability Author : Jonathan Salwan Mail : submit AT shell-storm.org Web : http://www.shell-storm.org Proof of Concept File : ./gestionnews.php Code o...

FreeNews 1.1 File Upload

Module : FREENEWS Version : 1.1 Edited by : prologin.fr Download : http://www.phpscripts-fr.net/scripts/download.php?id=688 Vulnerability : Upload vulnerability evil smiley Author : Jonathan Salwan Mail : submit AT shell-storm.org Web : http://www.shell-storm.org Proof of Concept File :...

CVE-2006-5716

Directory traversal vulnerability in affnews.php in FreeNews 2.1 allows remote attackers to include local files via a .. dot dot sequence in the chemin parameter, when the affnews parameter is not set to "1."...

CVE-2006-5716

CVE-2006-5716 affects FreeNews 2.1. A directory traversal flaw in aff_news.php allows remote attackers to include local files via a ".." sequence in the chemin parameter when aff_news is not set to "1". The vulnerability targets the file handling logic in FreeNews 2.1 and can expose local files t...

CVE-2006-5716

Directory traversal vulnerability in affnews.php in FreeNews 2.1 allows remote attackers to include local files via a .. dot dot sequence in the chemin parameter, when the affnews parameter is not set to "1."...

freenews-inc.txt

freenews--- fileinclude include "$chemin/config.php"; include "$chemin/functions.inc.php"; include "$chemin/options.inc.php"; name: MoHaNdKo E-mail : [email protected] exploit: www..com/path/affnews.php?chemin=shell.txt? Greatz: www.xp10.com & www.d4eg.org & www.dmazika.org www.tryag.com...

Freenews 1.1 - &#039;Aff_News.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/20795/info Freenews is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...

Freenews 1.1 - Aff_News.php Remote File Inclusion

Freenews 1.1 - AffNews.php Remote File Inclusion source: https://www.securityfocus.com/bid/20795/info Freenews is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application an...

CVE-2006-5226

PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter...

CVE-2006-5226

CVE-2006-5226 is a PHP remote file inclusion vulnerability in Prologin.fr Freenews 1.1 and earlier, due to the chemin parameter in moteur/moteur.php, allowing remote attackers to execute arbitrary PHP code via a URL. Affected software: Freenews 1.1 and earlier. Impact: arbitrary code execution wi...

CVE-2006-5226

PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter...

Freenews v1.1 &lt;= &#40;chemin&#41; Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Freenews v1.1 = chemin Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish hacker...

freenews11-rfi.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Freenews v1.1 = chemin Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish hacker...

Freenews 1.1 - moteur.php Remote File Inclusion

Freenews 1.1 - moteur.php Remote File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Freenews v1.1 = chemin Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered...

Freenews 1.1 - &#039;moteur.php&#039; Remote File Inclusion

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Freenews v1.1 = chemin Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish hacker...