EUVD-2008-4330

Malware in sbrugna...

Paranews 3.4 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31152/info Paranews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

CVE-2008-4349

The CVE-2008-4349 entry relates to multiple XSS vulnerabilities in the news.php component of s0nic Paranews 3.4, exploitable via the (1) id or (2) page parameter in a details action. Evidence from NVD and related records confirms a cross-site scripting flaw that could allow remote attackers to in...

CVE-2008-4349

Multiple cross-site scripting XSS vulnerabilities in news.php in s0nic Paranews 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 id or 2 page parameter in a details action...

Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities

Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31152/info Paranews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute...

Paranews 3.4 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/31152/info Paranews is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...

paranews-xss.txt

Author : Xylitol Contact : n/a Vendor : s0nic www.monxoom.de Version: 3.4 D0rks : Powered by Paranews 3.4 Public release vulnz: 10/09/08 Impact: low Stop lammer 1. Description: Auf den Namen »ParaNews« habe ich mein Newsscript getauft, welches zur Pflege eines Newsbereich in einer Website gedacht...