15 matches found
EUVD-2004-1834
Malware in sbrugna...
EUVD-2004-1833
Malware in sbrugna...
PHP-Nuke MS-Analysis Module HTTP Referrer Field SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9948/info Reportedly the MS-Analysis module is prone to a remote SQL injection vulnerability. This issue is due to a failure to properly sanitize user supplied HTTP header input before using it in an SQL query. As a resul...
PHP-Nuke MS-Analysis Module Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9947/info It has been reported that MS-Analysis is prone to a multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI parameters. These...
CVE-2004-1841
SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request...
CVE-2004-1840
CVE-2004-1840 affects the MS Analysis module 2.0 for PHP-Nuke. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary JavaScript/HTML via (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to mo...
CVE-2004-1841
CVE-2004-1841 concerns a SQL injection in MS Analysis module 2.0 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the Referer header in an HTTP request. The available documents identify the affected component and the general vulnerability class but do not provide version-speci...
CVE-2004-1839
MS Analysis module 2.0 for PHP-Nuke exposes full path disclosure via direct requests to browsers.php, mstrack.php, or title.php, enabling Information Disclosure without user interaction. Root cause: PHP error messages reveal filesystem paths. The provided documents do not specify a patched versio...
CVE-2004-1840
Multiple cross-site scripting XSS vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the 1 screen parameter to modules.php, 2 modulename parameter to title.php, 3 sortby parameter to modules.php, or 4 overview parameter to...
CVE-2004-1841
SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request...
[waraxe-2004-SA#011 - Multiple vulnerabilities in MS Analysis v2.0 module for PhpNuke]
================================================================================ waraxe-2004-SA011 ================================================================================ Multiple vulnerabilities in MS Analysis v2.0 module for PhpNuke...
CVE-2004-1840
Multiple cross-site scripting XSS vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the 1 screen parameter to modules.php, 2 modulename parameter to title.php, 3 sortby parameter to modules.php, or 4 overview parameter to...
CVE-2004-1839
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to 1 browsers.php, 2 mstrack.php, or 3 title.php, which reveal the full path in a PHP error message...
PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection
PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection source: https://www.securityfocus.com/bid/9948/info Reportedly the MS-Analysis module is prone to a remote SQL injection vulnerability. This issue is due to a failure to properly sanitize user supplied HTTP header input before using ...
PHP-Nuke MS-Analysis Module - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/9947/info It has been reported that MS-Analysis is prone to a multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI parameters. These issues could permit a remote attacke...