108 matches found
phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities
The remote host is running phpAdsNew / phpPgAds, an open source banner ad server. The version of phpAdsNews / phpPgAds installed on the remote host suffers from several flaws : - Remote PHP Code Injection Vulnerability The XML-RPC library bundled with the application allows an attacker to inject...
CVE-2005-2635
Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. dot dot in the 1 layerstyle parameter to adlayer.php or 2 language parameter to js-form.php...
CVE-2005-2636
SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter...
CVE-2005-2635
Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. dot dot in the 1 layerstyle parameter to adlayer.php or 2 language parameter to js-form.php...
CVE-2005-2636
SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter...
CVE-2005-2636
The CVE-2005-2636 issue affects phpAdsNew/phpPgAds prior to version 2.0.6, where the libraries/lib-view-direct.inc.php clientid parameter enables SQL injection. This allows remote attackers to execute arbitrary SQL commands against the backend. The only concrete detail available is that the vulne...
CVE-2005-2635
CVE-2005-2635 affects phpAdsNew/phpPgAds prior to 2.0.6. The vulnerabilities are directory traversal / local file inclusion via unsanitized user input: the layerstyle parameter to adlayer.php and the language parameter to admin/js-form.php. Root cause is improper input validation used to include ...
security flaw
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier PEAR XML-RPC for PHP, as used in multiple products including 1 Drupal, 2 phpAdsNew, 3 phpPgAds, and 4 phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be...
phpAdsNew205.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 Author: Maksymilian Arciemowicz cXIb8O3 from SECURITYREASON.COM TEAM Date: 14.07.2005 01:54 GMT+01.00 - --- 0.Description --- phpAdsNew is an open-source ad server, with an integrated banner...
[SECURITYREASON.COM] phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpAdsNew/phpPgAds 2.0.5 Local file inclusion cXIb8O3.16 Author: Maksymilian Arciemowicz cXIb8O3 from SECURITYREASON.COM TEAM Date: 14.07.2005 01:54 GMT+01.00 - --- 0.Description --- phpAdsNew is an open-source ad server, with an integrated banner...
[PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities
======================================================================== phpAdsNew / phpPgAds security advisory PHPADSNEW-SA-2005-001 ------------------------------------------------------------------------ Advisory ID: PHPADSNEW-SA-2005-001 Date: 2005-Aug-17 Security risk: highly critical...
CVE-2005-2498
PHPXMLRPC
CVE-2005-2498
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier PEAR XML-RPC for PHP, as used in multiple products including 1 Drupal, 2 phpAdsNew, 3 phpPgAds, and 4 phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be...
[SA15883] phpAdsNew XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-0790
phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to 1 lib-xmlrpcs.inc.php, 2 maintenance-activation.php, 3 maintenance-cleantables.php, 4 maintenance-autotargeting.php, 5 maintenance-reports.php, 6 phpads.php, 7 remotehtmlview.php, 8 click.php, 9...
CVE-2005-0791
Cross-site scripting XSS vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the refresh parameter...
CVE-2005-0791
CVE-2005-0791 describes an XSS vulnerability in the adframe.php component of phpAdsNew 2.0.4-pr1. The issue occurs when PHP’s register_globals is enabled, allowing remote attackers to inject arbitrary web script or HTML via the refresh parameter. The vulnerability is confirmed by multiple sources...
CVE-2005-0790
CVE-2005-0790 affects phpAdsNew 2.0.4. The vulnerability allows remote attackers to obtain sensitive information by directly requesting specific PHP scripts (lib-xmlrpcs.inc.php, maintenance-activation.php, maintenance-cleantables.php, maintenance-autotargeting.php, maintenance-reports.php, phpad...
[SECURITYREASON.COM] phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpAdsNew 2.0.4-pr1 Multiple vulnerabilities cXIb8O3.9 Author: Maksymilian Arciemowicz cXIb8O3 Date: 13.3.2005 from securityreason.com TEAM - --- 0.Description --- phpAdsNew is an open-source ad server, with an integrated banner management interface a...
CVE-2005-0791
Cross-site scripting XSS vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the refresh parameter...