24 matches found
EUVD-2007-6506
Malware in sbrugna...
EUVD-2007-5031
Malware in sbrugna...
EUVD-2007-6507
Malware in sbrugna...
Neuron News 1.0 Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting...
CVE-2007-6540
SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/...
Sql injection
SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the topic parameter in a viewtopic action, or the 2 newsyear or 3 newsmonth parameter in a newsarchive action to the default URI in patch/...
CVE-2007-6541
Multiple cross-site scripting XSS vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the topic parameter in a viewtopic action, or the 2 newsyear or 3 newsmonth parameter in a newsarchive action to the default URI in patch/...
CVE-2007-6540
SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/...
CVE-2007-6541
Multiple cross-site scripting XSS vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via 1 the topic parameter in a viewtopic action, or the 2 newsyear or 3 newsmonth parameter in a newsarchive action to the default URI in patch/...
CVE-2007-6541
CVE-2007-6541 describes multiple cross-site scripting (XSS) vulnerabilities in the web application neuron news 1.0 . The flaw allows remote attackers to inject arbitrary web script or HTML via 1) the topic parameter in a viewtopic action, or 2) the newsyear or 3) the newsmonth parameter in a news...
CVE-2007-6540
CVE-2007-6540: A SQL injection in neuron news 1.0 is triggered by the q parameter to the default URI in patch/. The vulnerability enables remote execution of arbitrary SQL commands. Root cause: improper handling of user input in the affected patch/ endpoint (no details on code path provided). Imp...
Neuron News 1.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities
Neuron News 1.0 - Multiple SQL Injections Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to...
Neuron News 1.0 - Multiple SQL Injections / Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/26896/info Neuron News is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and two cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attack...
neuron-lfi.txt
\|/// \ - - // Y! Underground Group @ @ ----oOOo---oOOo-------------------------------------------------- Portal : Neuron News 1.0 Download : http://downloads.localhost.be/scripts/neuronnews.zip Author : Dj7xpl HomePage : http://r00t.ir / http://Dj7xpl.2600.ir Type : Local File Inclusion...
CVE-2007-5050
Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the q parameter...
Directory traversal
Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the q parameter...
CVE-2007-5050
Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the q parameter...
Neuron News 1.0 Local file inclusion (index.php)
+++++++++++++++++++++++++++++++++++++++++++ Neuron News 1.0 Local File inclusion +++++++++++++++++++++++++++++++++++++++++++ Founded By Seph1roth http://blackroots.it Vulnerable Script Download: http://downloads.localhost.be/scripts/neuronnews.zip Bug : http://TARGET/PATH/index.php?q=Local File00...
CVE-2007-5050
The CVE-2007-5050 entry describes a directory traversal in Neuron News 1.0: index.php vulnerable to a ".." in the q parameter, permitting remote attackers to include and execute arbitrary local files. Affected software: Neuron News 1.0 (PHP). Root cause is improper input validation on q that perm...