16 matches found
EUVD-2009-2726
Malware in sbrugna...
EUVD-2009-2727
Malware in sbrugna...
opennews 1.0 (sqli/rce) Multiple Vulnerabilities
No description provided by source. + OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off - PoC...
Sql injection
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
Code injection
Static code injection vulnerability in admin.php in sun-jester OpenNews 1.0 allows remote authenticated administrators to inject arbitrary PHP code into config.php via the "Overall Width" field in a setconfig action...
CVE-2009-2735
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2009-2736
Static code injection vulnerability in admin.php in sun-jester OpenNews 1.0 allows remote authenticated administrators to inject arbitrary PHP code into config.php via the "Overall Width" field in a setconfig action...
CVE-2009-2735
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2009-2735
The CVE-2009-2735 entry describes an SQL injection in sun-jester OpenNews 1.0, via admin.php when magic_quotes_gpc is disabled. The vulnerability affects the username parameter, enabling remote attackers to execute arbitrary SQL commands. This is documented in NVD and mirrored in multiple referen...
CVE-2009-2736
CVE-2009-2736 concerns sun-jester OpenNews 1.0. The vulnerability is a static code injection in admin.php that allows remote authenticated administrators to inject arbitrary PHP code into config.php via the “Overall Width” field in a setconfig action. The issue originates from the admin.php compo...
CVE-2009-2736
Static code injection vulnerability in admin.php in sun-jester OpenNews 1.0 allows remote authenticated administrators to inject arbitrary PHP code into config.php via the "Overall Width" field in a setconfig action...
OpenNews 1.0 SQL Injection / Command Execution
OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off - PoC http://127.0.0.1/admin.php Username : admin ' or...
OpenNews 1.0 (SQLI/RCE) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ======================================================= OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities ======================================================= + OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By...
opennews 1.0 - SQL Injection Remote Code Execution
opennews 1.0 - SQL Injection Remote Code Execution + OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off -...
OpenNews 1.0 (SQLI/RCE) Multiple Remote Vulnerabilities
No description provided by source. + OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off - PoC...
opennews 1.0 - SQL Injection / Remote Code Execution
OpenNews 1.0 SQLI/RCE Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/opennews-sun/ + SQL Injection Auth Bypass - Note : magicquotesgpc = off - PoC http://127.0.0.1/admin.php Username : admin ' or...