59 matches found
EUVD-2003-1193
Malware in sbrugna...
EUVD-2002-2266
Malware in sbrugna...
EUVD-2003-1194
Malware in sbrugna...
EUVD-2001-0992
Malware in sbrugna...
EUVD-2002-1643
Malware in sbrugna...
EUVD-2002-2268
Malware in sbrugna...
EUVD-2005-3735
Malware in sbrugna...
EUVD-2002-2226
Malware in sbrugna...
Mambo Site Server 4.0.12 RC2 Cookie Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6926/info Mambo Site Server may grant access without sufficiently validating cookie based authentication credentials. It has been reported that Mambo will accept a user cookie sent by the site as an administrative...
Mambo Site Server 4.0.11 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6387/info A vulnerability has been discovered in Mambo Site Server. Requesting the 'index.php' script with an invalid parameter will cause an error page to be generated containing the path of the Mambo script. Information...
Mambo Site Server 4.0.10 index.php Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7135/info Mambo Site Server has been reported prone to a cross-site scripting vulnerability. It has been reported that certain user supplied URI parameters are not sufficiently sanitized by the Mambo Site Server. As a...
Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay
No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...
Mambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has been reported that Mambo...
CVE-2002-2290
Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges...
CVE-2002-2288
CVE-2002-2288 affects Mambo Site Server 4.0.11. The vulnerability allows a remote attacker to disclose the server’s physical path by issuing an HTTP request to index.php containing a non-existent parameter, which triggers an error message revealing the path. No explicit remediation or patch detai...
CVE-2002-2288
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message...
CVE-2002-2247
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function...
CVE-2002-2247
The CVE-2002-2247 entry concerns Mambo Site Server 4.0.11 where the administrator/phpinfo.php script calls phpinfo(), enabling remote attackers to reveal sensitive information such as the full web root path. This is an information-disclosure flaw attributed to phpinfo() usage in that script. The ...
Beoped Portal XSS
Aria-Security.net Advisory Discovered by: O.u.t.l.a.w www.Aria-security.net Gr33t to: A.u.r.a & R@1D3N & Smok3r & DrtRp ----------------------------------------------------------- Software: BeoPed Portal Link And Online Demo : http://www.beoped.com/beoportal/index.php Attack method: Cross Site...
CVE-2005-3738
globals.php in Mambo Site Server 4.0.14 and earlier, when registerglobals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfigabsolutepath parameter to content.html.php for remote PHP file inclusion...