EUVD-2002-0264

Malware in sbrugna...

SPIP parameter improper validation vulnerability

SPIP, an Internet publishing system, is free software distributed under the General Public License GPL. prive/formulaires/configurerpreferences.php in versions of SPIP prior to 3.2.8 is vulnerable to couleur, display, display navigation, displayoutils, imessage, and spipecran parameters are...

CVE-2003-1553

Haakon Nilsen Simple Internet Publishing System SIPS 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory...

CVE-2003-1553

Technical details about CVE-2003-1553 (affected product/version, root cause, impact, mitigation) are not provided in the connected documents; no public details are available here. Monitor for updates.

Props 0.6.1 XSS and Remote File Viewing Vulnerability

Title: Props 0.6.1 XSS and Remote File Viewing Vulnerability. Software: Props 0.6.1 Vendor: http://props.sourceforge.net/ Platform: PHP4 and MySQL Description: PROPS is an open, extensible Internet publishing system designed specifically for periodicals such as newspapers and magazines who want t...

CVE-2003-1553

Haakon Nilsen Simple Internet Publishing System SIPS 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory...

CVE-2002-0267

preferences.php in Simple Internet Publishing System SIPS before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file...