EUVD-2006-7095

Malware in sbrugna...

EUVD-2006-7096

Malware in sbrugna...

EUVD-2006-5419

Malware in sbrugna...

P-News 1.16 Administrative Account Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7689/info A vulnerability has been reported that could enable a P-News member to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of...

P-News 2.0 - (user.txt) Remote Password Disclosure Vulnerability

No description provided by source...

P-News <= 1.16 Remote File Include Vulnerability

No description provided by source. ============================================ P-News 1.16, 1.17 Remote File Inclusion Vulnerability ============================================ Discovered by vegas78 - feel82atweb.de ============================================ Greetz: scoper, corny, smaesch0r,...

CVE-2006-7114

P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. NOTE: this might be the same issue as CVE-2006-6888...

CVE-2006-7113

Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2006-7113

CVE-2006-7113 : Unrestricted file upload in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. The CVSSv2 base score is 7.5 (HIGH) with network access, low attack complexity, and no authentication required; impacts include partial conf., integrity, and av...

CVE-2006-7114

P-News 2.0 stores db/user.txt under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes via a direct request. NOTE: this might be the same issue as CVE-2006-6888...

CVE-2006-7114

In CVE-2006-7114, P-News 2.0 stores db/user.txt under the web document root, exposing user credentials due to insufficient access control. This allows remote attackers to directly request the file and obtain usernames and password hashes. The issue is corroborated by the NVD entry; no additional ...

CVE-2006-6888

P-News 1.16 and 1.17 store sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for db/user.dat...

CVE-2006-6888

CVE-2006-6888 affects P-News 1.16 and 1.17, where sensitive data is stored under the web root with insufficient access control. The issue allows remote attackers to directly request db/user.dat and obtain the administrative account name and password hash. This is a direct information-disclosure a...

P-News 1.16 / 1.17 (user.dat) Remote Password Disclosure Vulnerablity

No description provided by source. P-News user.datRemote Password Disclosure Vulnerablity S.name:P-News Affected versions:1.17 and 1.16 Vendor:www.ppopn.net...

CVE-2006-6888

P-News 1.16 and 1.17 store sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for db/user.dat...

P-News 1.16 / 1.17 (user.dat) Remote Password Disclosure Vulnerablity

Exploit for unknown platform in category web applications ===================================================================== P-News 1.16 / 1.17 user.dat Remote Password Disclosure Vulnerablity ===================================================================== P-News user.datRemote Password...

P-News 1.161.17 - user.dat Remote Password Disclosure

P-News 1.161.17 - user.dat Remote Password Disclosure P-News user.datRemote Password Disclosure Vulnerablity S.name:P-News Affected versions:1.17 and 1.16 Vendor:www.ppopn.net Risk:Very Highly Critical Author:Dr Max Virus Location:Egypt POC: http:/target/path/db/user.dat As We see Admin name and...

P-News 1.16/1.17 - &#039;user.dat&#039; Remote Password Disclosure

P-News user.datRemote Password Disclosure Vulnerablity S.name:P-News Affected versions:1.17 and 1.16 Vendor:www.ppopn.net Risk:Very Highly Critical Author:Dr Max Virus Location:Egypt POC: http:/target/path/db/user.dat As We see Admin name and hash !!!!!!!!!!!!!!!!!!!!!!!!!! You can crack the...

P-News v2 (user.txt) Remote Password Disclosure Vulnerability

No description provided by source. P-News V² - user.txt Information Disclosure Vulnerability Critical Level : Dangerous Script Download: http://download.planerd.net/dir/php Bugfounder: Lu7k Contact Me : www.school-of-hack.de or [email protected]...

P-News v2 (user.txt) Remote Password Disclosure Vulnerability

Exploit for unknown platform in category web applications ============================================================= P-News v2 user.txt Remote Password Disclosure Vulnerability ============================================================= P-News V2 - user.txt Information Disclosure Vulnerabili...