17 matches found
EUVD-2006-1561
Malware in sbrugna...
EUVD-2004-0327
Malware in sbrugna...
phpNewsManager 1.36 Functions Script File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9720/info phpNewsManager is prone to a file disclosure vulnerability. Remote attackers may submit malicious requests to the software that contain directory traversal sequences, potentially exposing sensitive resources...
phpNewsManagerfunctions.php脚本文件泄露漏洞 Exploit
No description provided by source. G00db0y ([email protected])提供了如下测试方法: http://address/directory/functions.php?clang=../../../../../../../../../../../../etc/passwd...
[eVuln] phpNewsManager Multiple SQL Injections
New eVuln Advisory: phpNewsManager Multiple SQL Injections http://evuln.com/vulns/110/summary.html --------------------Summary---------------- eVuln ID: EV0110 CVE: CVE-2006-1560 Vendor: SkinTech Group Vendor's Web Site: http://www.skintech.org/ Software: phpNewsManager Versions: 1.48 Critical...
[eVuln] phpNewsManager Multiple SQL Injections
New eVuln Advisory: phpNewsManager Multiple SQL Injections http://evuln.com/vulns/110/summary.html --------------------Summary---------------- eVuln ID: EV0110 CVE: CVE-2006-1560 Vendor: SkinTech Group Vendor's Web Site: http://www.skintech.org/ Software: phpNewsManager Versions: 1.48 Critical...
Sql injection
Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly 1 id and 2 topicid, in a browse.php, b category.php, c gallery.php, d poll.php, and e possibly other unspecified scripts. NOTE:...
CVE-2006-1560
Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly 1 id and 2 topicid, in a browse.php, b category.php, c gallery.php, d poll.php, and e possibly other unspecified scripts. NOTE:...
CVE-2006-1560
Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly 1 id and 2 topicid, in a browse.php, b category.php, c gallery.php, d poll.php, and e possibly other unspecified scripts. NOTE:...
CVE-2006-1560
SkinTech phpNewsManager 1.48 is affected by multiple SQL injection vulnerabilities. The issue arises in server-side scripts (browse.php, category.php, gallery.php, poll.php, and possibly others) where user-defined variables are not properly sanitized before being used in SQL queries, allowing rem...
CVE-2004-0327
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. dot dot sequences in the clang parameter...
CVE-2004-0327
CVE-2004-0327 affects PhpNewsManager 1.46. A directory traversal vulnerability exists in functions.php, allowing remote attackers to retrieve arbitrary files via .. sequences in the clang parameter. The provided documents confirm the vulnerable component and the exploitation vector but do not inc...
CVE-2004-0327
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. dot dot sequences in the clang parameter...
[UNIX] phpNewsManager Directory Travarsal
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
phpNewsManager 1.36 - functions Script File Disclosure
source: https://www.securityfocus.com/bid/9720/info phpNewsManager is prone to a file disclosure vulnerability. Remote attackers may submit malicious requests to the software that contain directory traversal sequences, potentially exposing sensitive resources outside of the hosting web server roo...
ZH2004-09SA.txt
ZH2004-09SA security advisory: PhpNewsManager Remote arbitrary files retrieving Discovered: 02 february 2004 Vendor Contacted: 10 february 2004 Published: 23 february 2004 Name: PhpNewsManager Affected Systems: 1.46 Issue: Remote file retrieving Author: G00db0y from Zone-h Security Labs -...
phpNewsManager 1.36 - functions Script File Disclosure
phpNewsManager 1.36 - functions Script File Disclosure source: https://www.securityfocus.com/bid/9720/info phpNewsManager is prone to a file disclosure vulnerability. Remote attackers may submit malicious requests to the software that contain directory traversal sequences, potentially exposing...