39 matches found
EUVD-2006-6326
Malware in sbrugna...
EUVD-2007-4041
Malware in sbrugna...
EUVD-2012-5788
Malware in sbrugna...
EUVD-2012-5790
Malware in sbrugna...
EUVD-2007-6170
Malware in sbrugna...
EUVD-2006-6160
Malware in sbrugna...
EUVD-2006-6327
Malware in sbrugna...
CVE-2012-5914
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
CVE-2012-5915
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
CVE-2012-5916
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
Information disclosure
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
Information disclosure
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
CVE-2012-5915
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
CVE-2012-5916
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
CVE-2012-5915
CVE-2012-5915 affects Neocrome Seditio builds 161 and earlier. The vulnerability is an information-disclosure flaw where remote attackers can cause an error message to reveal the installation path by directly requesting any of the following: view.php, plugins/contact/lang/contact.en.lang.php, sys...
CVE-2012-5914
Neocrome Seditio builds 160 and 161 contain multiple XSS vulnerabilities in the sed_import function (system/functions.php), exploitable via the newmsg or rtext parameters. Remote attackers could inject arbitrary web script or HTML. No explicit remediation information is provided in the connected ...
CVE-2012-5914
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
CVE-2012-5916
CVE-2012-5916 concerns Neocrome Seditio build 161, where a remote attacker can disclose sensitive information by directly requesting one of three SQL files: docs/new/seditio-createnew-160.sql, docs/upgrade/sedito_convert_to_utf8.optional.sql, or system/install/install.parser.sql. The accompanying...
Sql injection
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pagsub parameter to plug.php...