Cross site scripting

A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...

News Script PHP Pro Cross-Site Scripting Vulnerability

News Script PHP Pro is a PHP/MySQL based web script from Simple PHP Scripts for displaying news on your website. A cross-site scripting vulnerability exists in News Script PHP Pro 2.3. The vulnerability can be exploited to conduct cross-site scripting attacks via the editorname parameter...

Cross site request forgery (csrf)

SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery CSRF vulnerability, which allows attackers to add new users...

Sql injection

SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action...

Session fixation

SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies...

Easy News Pro 1.5 Bypass / SQL Injection / File Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

News Script PHP 1.2 - Multiple Vulnerabilites

No description provided by source. Title: ====== News Script PHP v1.2 - Multiple Web Vulnerabilites Date: ===== 2012-06-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=600 VL-ID: ===== 600 Common Vulnerability Scoring System: ==================================== 7.5...

News Script PHP Pro - (fckeditor) File Upload Vulnerability

No description provided by source...

News Script PHP v1.2 - Multiple Web Vulnerabilites

Title: ====== News Script PHP v1.2 - Multiple Web Vulnerabilites Date: ===== 2012-06-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=600 VL-ID: ===== 600 Common Vulnerability Scoring System: ==================================== 7.5 Introduction: ============= Visitor...

News Script PHP 1.2 - Multiple Vulnerabilities

Title: ====== News Script PHP v1.2 - Multiple Web Vulnerabilites Date: ===== 2012-06-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=600 VL-ID: ===== 600 Common Vulnerability Scoring System: ==================================== 7.5 Introduction: ============= Visitor...

News Script PHP Pro (fckeditor) File Upload Vulnerability

Exploit for php platform in category web applications » Title : News Script PHP Pro fckeditor File Upload Vulnerability » Script : News Script PHP Pro » TestedON: linux/php » Download: http://newsscriptphp.com/ » Author : Net.Edit0r » Email : email protected » Date : 2010-12-26 » Version ...

News Script PHP Pro Shell Upload

============================================================================== » News Script PHP Pro fckeditor File Upload Vulnerability ============================================================================== » Title : News Script PHP Pro fckeditor File Upload Vulnerability » Script : News...

News Script PHP Pro - 'FCKeditor' Arbitrary File Upload

============================================================================== » News Script PHP Pro fckeditor File Upload Vulnerability ============================================================================== » Title : News Script PHP Pro fckeditor File Upload Vulnerability » Script : News...

News Script PHP Pro - FCKeditor Arbitrary File Upload

News Script PHP Pro - FCKeditor Arbitrary File Upload ============================================================================== » News Script PHP Pro fckeditor File Upload Vulnerability ============================================================================== » Title : News Script PHP P...