53 matches found
EUVD-2003-0745
Malware in sbrugna...
EUVD-2004-2680
Malware in sbrugna...
EUVD-2006-3356
Malware in sbrugna...
EUVD-2006-0420
Malware in sbrugna...
EUVD-2006-3355
Malware in sbrugna...
EUVD-2004-2678
Malware in sbrugna...
EUVD-2004-2679
Malware in sbrugna...
EUVD-2003-0744
Malware in sbrugna...
CVE-2003-0754
nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphpusers array, which is used for authentication...
CVE-2003-0753
nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphpconfigLangFile parameter...
newsPHP 216 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8488/info A file include vulnerability has been reported in the nphpd.php module of newsPHP that may permit an attacker to include and execute malicious script code on a vulnerable host. The issue is reported to exist in...
NewsPHP Index.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16339/info NewsPHP is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
newsPHP 2006 PRO inc/rss_feed.php category Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properl...
newsPHP 2006 PRO index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properl...
Unfixed XSS vulnerability at www.febrilnotropeni.net
Security researcher VirtualSystEm, has submitted on 31/12/2010 a cross-site-scripting XSS vulnerability affecting www.febrilnotropeni.net, which at the time of submission ranked 9063158 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011...
CVE-2004-2688
Cross-site scripting XSS vulnerability in index.php in NewsPHP allows remote attackers to inject arbitrary web script or HTML via the catid parameter. NOTE: this issue might overlap vector 3 in CVE-2006-3358...
CVE-2004-2688
CVE-2004-2688 / CVE-2006-3358 describe multiple XSS vulnerabilities in NewsPHP’s index.php. The issue is triggered by unsanitized user input through the cat_id parameter (and other vectors in related CVEs), which can cause arbitrary web script/HTML to be injected and reflected in error pages. The...
CVE-2004-2689
CVE-2004-2689 affects NewsPHP. The vulnerability allows remote attackers to gain unauthorized administrative access by setting a cookie to the value "autorized=admin; root=admin". The provided sources (NVD entry) indicate a HIGH impact with a CVSS v2 base score of 10.0, but no concrete remediatio...
CVE-2004-2690
Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files...
CVE-2004-2689
NewsPHP allows remote attackers to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value...