38 matches found
EUVD-2007-3184
Malware in sbrugna...
JFFNMS 0.8.3 auth.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 admin/adm/test.php PHP Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 auth.php user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 admin/setup.php Direct Request Authentication Bypass
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
Debian: Security Advisory (DSA-1374-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1374-1 (jffnms)
The remote host is missing an update to jffnms announced via advisory DSA 1374-1. OpenVAS Vulnerability Test $Id: deb13741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1374-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-1374-1 : jffnms - several vulnerabilities
Several vulnerabilities have been discovered in jffnms, a web-based Network Management System for IP networks. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3189 Cross-site scripting XSS vulnerability in auth.php, which allows a remote attacker to...
[SECURITY] [DSA 1374-1] New jffnms packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA 1374-1 [email protected] http://www.debian.org/security/ Steve Kemp September 11, 2007 http://www.debian.org/security/faq -...
Information disclosure
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3191
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3190
Multiple SQL injection vulnerabilities in auth.php in Just For Fun Network Management System JFFNMS 0.8.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 user and 2 pass parameters...
CVE-2007-3204
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
Sql injection
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
CVE-2007-3189
Cross-site scripting XSS vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter...
CVE-2007-3190
Multiple SQL injection vulnerabilities in auth.php in Just For Fun Network Management System JFFNMS 0.8.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 user and 2 pass parameters...
CVE-2007-3191
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
Design/Logic Flaw
admin/setup.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to read and modify configuration settings via a direct request...
CVE-2007-3204
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
Cross site scripting
Cross-site scripting XSS vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter...