39 matches found
EUVD-2006-6326
Malware in sbrugna...
EUVD-2007-4041
Malware in sbrugna...
EUVD-2012-5788
Malware in sbrugna...
EUVD-2012-5790
Malware in sbrugna...
EUVD-2007-6170
Malware in sbrugna...
EUVD-2006-6327
Malware in sbrugna...
EUVD-2006-6160
Malware in sbrugna...
CVE-2012-5914
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
CVE-2012-5915
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
CVE-2012-5916
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
Information disclosure
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
Information disclosure
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
CVE-2012-5915
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
CVE-2012-5916
Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...
CVE-2012-5914
Multiple cross-site scripting XSS vulnerabilities in the sedimport function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the 1 newmsg or 2 rtext parameter. NOTE: some of these details are obtained from third party...
CVE-2012-5916
CVE-2012-5916 concerns Neocrome Seditio build 161, where a remote attacker can disclose sensitive information by directly requesting one of three SQL files: docs/new/seditio-createnew-160.sql, docs/upgrade/sedito_convert_to_utf8.optional.sql, or system/install/install.parser.sql. The accompanying...
CVE-2012-5915
CVE-2012-5915 affects Neocrome Seditio builds 161 and earlier. The vulnerability is an information-disclosure flaw where remote attackers can cause an error message to reveal the installation path by directly requesting any of the following: view.php, plugins/contact/lang/contact.en.lang.php, sys...
CVE-2012-5914
Neocrome Seditio builds 160 and 161 contain multiple XSS vulnerabilities in the sed_import function (system/functions.php), exploitable via the newmsg or rtext parameters. Remote attackers could inject arbitrary web script or HTML. No explicit remediation information is provided in the connected ...
Sql injection
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pagsub parameter to plug.php...