15 matches found
EUVD-2002-0900
Malware in sbrugna...
EUVD-2006-7164
Malware in sbrugna...
Mnews <= 1.1 (view.php) SQL Injection
No description provided by source. ??php / Exploit Title: Mnews = 1.1 SQL Injection Google Dork: inurl:mnews/view.php Google Dork: intitle:Mnews sistena de news Date: 03rd 06 2012 Software Link: http://phpbrasil.com/script/eo4aWVVzFd/mnews-sistema-de-noticias Version: 1.1 Tested on: Debian...
Mnews 1.1 SQL injection
\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/mnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "view.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...
Mnews 1.1 - 'view.php' SQL Injection
\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/mnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "view.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...
Mnews 1.1 - view.php SQL Injection
Mnews 1.1 - view.php SQL Injection \n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/mnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "view.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get...
CVE-2006-7182
PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
CVE-2006-7182
The CVE-2006-7182 issue is a PHP remote file inclusion in noticias.php for MNews 2.0 and earlier. The vulnerability allows remote code execution via a URL supplied to the inc parameter, yielding a CVSS v2 base score of 10.0 (HIGH) with network attack vector and no authentication. Affected: notici...
CVE-2006-7182
PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...
mnews20-rfi.txt
===================================================================== MNews = 2.0 noticias.php Remote File Inclue Vulnerability ===================================================================== Author : Le CoPrA ===================================================================== Download...
MNews <= 2.0 (noticias.php) Remote File Inclue Vulnerability
===================================================================== MNews = 2.0 noticias.php Remote File Inclue Vulnerability ===================================================================== Author : Le CoPrA ===================================================================== Download...
CVE-2002-0909
Multiple buffer overflows in mnews 1.22 and earlier allow 1 a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments 2 -f, 3 -n, 4 -D, 5 -M, or 6 -P, or via long environment variables 7 JNAMES or 8 MAILSERVER...
CVE-2002-0909
CVE-2002-0909 affects mnews 1.22 and earlier. The issue involves multiple buffer overflows that can be triggered by excessively long NNTP responses, long command-line arguments (-f, -n, -D, -M, -P) or long environment variables (JNAMES, MAILSERVER), enabling either remote code execution by a serv...
CVE-2002-0909
Multiple buffer overflows in mnews 1.22 and earlier allow 1 a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments 2 -f, 3 -n, 4 -D, 5 -M, or 6 -P, or via long environment variables 7 JNAMES or 8 MAILSERVER...
SRT Security Advisory (SRT2002-04-31-1159): Mnews
====================================================================== Strategic Reconnaissance Team Security Advisory SRT2002-04-31-1159 Topic : Mnews local and remote overflow vulnerabilities Date : May 31, 2002 Credit : zillionatsafemode.org Site : http://www.snosoft.com...