PHPNews < 1.2.5 auth.php path Parameter Remote File Inclusion

Binary data 2665.prm...

CVE-2005-0632

PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter...

PHPNews 1.2.31.2.4 - auth.php Remote File Inclusion

PHPNews 1.2.31.2.4 - auth.php Remote File Inclusion source: https://www.securityfocus.com/bid/12696/info It is reported that PHPNews is affected by a remote PHP file include vulnerability. This issue is due in part to the application failing to properly sanitize user-supplied input. This issue...

PHPNews 1.2.3/1.2.4 - &#039;auth.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/12696/info It is reported that PHPNews is affected by a remote PHP file include vulnerability. This issue is due in part to the application failing to properly sanitize user-supplied input. This issue reportedly affects PHPNews version 1.2.4, previous...

CVE-2004-2474

SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php...

[SA13300] PHPNews &quot;mid&quot; Parameter SQL Injection Vulnerability

TITLE: PHPNews "mid" Parameter SQL Injection Vulnerability SECUNIA ADVISORY ID: SA13300 VERIFY ADVISORY: http://secunia.com/advisories/13300/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: PHPNews 1.x http://secunia.com/product/4313/ DESCRIPTION: A...