EUVD-2005-2638

Malware in sbrugna...

EUVD-2005-2639

Malware in sbrugna...

PHPFreeNews 1.x Admin Login SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14442/info PHPFreeNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

PHPFreeNews 1.40 SearchResults.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues...

PHPFreeNews 1.40 NewsCategoryForm.php NewsMode Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues...

PHPFreeNews 1.x Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14439/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issue to have...

PHPFreeNews 1.40 SearchResults.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14589/info PHPFreeNews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

CVE-2005-2637

Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 Match or 2 CatID parameter to SearchResults.php, or 3 the password to AccessControl.php...

CVE-2005-2638

Multiple cross-site scripting XSS vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 NewsMode parameter to NewsCategoryForm.php, or the 2 Match or 3 NewsMode parameter to SearchResults.php...

CVE-2005-2638

Multiple cross-site scripting XSS vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 NewsMode parameter to NewsCategoryForm.php, or the 2 Match or 3 NewsMode parameter to SearchResults.php...

CVE-2005-2638

CVE-2005-2638 concerns multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the NewsMode parameter to NewsCategoryForm.php, or (2) the Match or (3) NewsMode parameter to SearchResults....

CVE-2005-2637

PHPFreeNews 1.40 and earlier contains multiple SQL injection vulnerabilities. Remote attackers can manipulate SQL via (1) Match or (2) CatID parameters to SearchResults.php, or (3) the password to AccessControl.php. Affected product/version: PHPFreeNews 1.40 and earlier. Root cause: unsafely hand...

CVE-2005-2637

Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 Match or 2 CatID parameter to SearchResults.php, or 3 the password to AccessControl.php...

[Full-disclosure] PHPFreeNews v1.40 and prior Multiple Vulnerabilities

PHPFreeNews V1.40 and prior Multiple Vulnerabilities SEVERITY: ========= High SOFTWARE: ========= PHPFreeNews http://www.phpfreenews.co.uk/ INFO: ===== PHPFreeNews is a free PHP Script which allows you to display news headlines and articles on your website. DESCRIPTION: ============ PHPFreeNews...

phpfreenews140.txt

PHPFreeNews V1.40 and prior Multiple Vulnerabilities SEVERITY: ========= High SOFTWARE: ========= PHPFreeNews http://www.phpfreenews.co.uk/ INFO: ===== PHPFreeNews is a free PHP Script which allows you to display news headlines and articles on your website. DESCRIPTION: ============ PHPFreeNews...

PHPFreeNews 1.40 - 'searchresults.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/14589/info PHPFreeNews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise o...

PHPFreeNews 1.40 - 'searchresults.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

PHPFreeNews 1.40 - NewsCategoryForm.php?NewsMode Cross-Site Scripting

PHPFreeNews 1.40 - NewsCategoryForm.php?NewsMode Cross-Site Scripting source: https://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An...

PHPFreeNews 1.40 - 'NewsCategoryForm.php?NewsMode' Cross-Site Scripting

source: https://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code...

PHPFreeNews 1.40 - searchresults.php Multiple Cross-Site Scripting Vulnerabilities

PHPFreeNews 1.40 - searchresults.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14590/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...