412 matches found
CVE-2005-3201
SQL injection vulnerability in news.php for Utopia News Pro UNP 1.1.3, when magicquotesgpc is disabled and registerglobals is enabled, allows remote attackers to execute arbitrary SQL via the newsid parameter...
CVE-2005-2156
CVE-2005-2156 describes a SQL injection in PHPNews 1.2.5 via the prevnext parameter in news.php. A remote attacker could exploit this to influence database queries and potentially expose information. Related advisories corroborate exploitation potential and indicate the issue affects PHPNews prio...
CVE-2004-2042
Multiple SQL injection vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary SQL code and gain sensitive information via 1 content parameter to content.php, 2 contentid parameter to content.php, or 3 list parameter to news.php...
CVE-2005-1237
SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
CVE-2005-1237
Vulnerability summary (CVE-2005-1237) : The issue affects FlexPHPNews 0.0.3, specifically the news.php component. It is a SQL injection vulnerability exploitable via the newsid parameter, allowing remote attackers to execute arbitrary SQL commands. The NVD metadata reports a network-facing vector...
ModernGigabyte ModernBill 4.3 - news.php File Inclusion
ModernGigabyte ModernBill 4.3 - news.php File Inclusion source: https://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the...
ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion
source: https://www.securityfocus.com/bid/13086/info ModernBill is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'news.php' script. ModernBill 4.3 and prior versions are...
siteman119.txt
New XSS Vulnerability in Siteman v1.1.9, Discovered by PersianHacker.NET Security Team by Pi3cH pi3ch yahoo com http://www.PersianHacker.NET Siteman is a Content Management System CMS that is so easy to install and use, that a person who has no knowledge about creating homepages can get a...
XSS Vulnerability in Siteman v1.1.9
New XSS Vulnerability in Siteman v1.1.9, Discovered by PersianHacker.NET Security Team by Pi3cH pi3ch yahoo com http://www.PersianHacker.NET Siteman is a Content Management System CMS that is so easy to install and use, that a person who has no knowledge about creating homepages can get a...
CVE-2004-2511
Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...
ttCMS/ttForum multiple bugs
SQL injection via username in Profile.php. PHP injection in News.php, install.php...
Another YabbSE Remote Code Execution Vulnerability
YabbSE Remote Code Execution 2 Vulnerability By Mindwarper :: [email protected] :: ------- ------- ---------------------- Vendor Information: ---------------------- Homepage : http://www.yabbse.org Vendor : informed Mailed advisory: 24/01/02 Vender Response : None ---------------------- Affecte...