33 matches found
EUVD-2004-1649
Malware in sbrugna...
EUVD-2003-0729
Malware in sbrugna...
EUVD-2003-0728
Malware in sbrugna...
EUVD-2001-1344
Malware in sbrugna...
EUVD-2002-2157
Malware in sbrugna...
EUVD-2005-0566
Malware in sbrugna...
EUVD-2005-0573
Malware in sbrugna...
CVE-2011-4265
Cross-site scripting XSS vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2002-2178
Cross-site scripting XSS vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag...
[Full-disclosure] phpWebSite 0.10.1 Full SQL Injection
TITLE: ===== phpWebSite 0.10.1 Full SQL Injection SOFTWARE: ========== phpWebSite 0.10.1 Full INFO: ===== phpWebSite provides a complete web site content management system. DESCRIPTION: ============ phpWebSite 0.10.1 full is vulnerable to an sql injection attack. Here is an example:...
GLSA-200503-04 : phpWebSite: Arbitrary PHP execution and path disclosure
The remote host is affected by the vulnerability described in GLSA-200503-04 phpWebSite: Arbitrary PHP execution and path disclosure NST discovered that, when submitting an announcement, uploaded files aren't correctly checked for malicious code. They also found out that phpWebSite is vulnerable ...
CVE-2005-0572
index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEAsearchmodule parameter, which reveals the path in a PHP error message...
phpWebSite-0.10.0_exploit
oooo...oooo.oooooooo8.ooooooooooo .8888o..88.888........88..888..88 .88.888o88..888oooooo.....888 .88...8888.........888....888 o88o....88.o88oooo888....o888o Network security team nst.e-nex.com Title: phpWebSite = v0.10.0 Bug found by: nst Date: 24.02.2005 Web: phpwebsite.appstate.edu...
phpWebSite Image Announcement Upload Arbitrary Command Execution
The remote host is running a version of phpWebSite in which the Announcements module allows a remote attacker to both upload PHP scripts disguised as image files and later run them using the permissions of the web server user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload
phpWebSite 0.x - Image File Processing Arbitrary .PHP File Upload source: https://www.securityfocus.com/bid/12653/info phpWebSite is reported prone to a remote arbitrary PHP file upload vulnerability. The issue presents itself due to a lack of sanitization performed on image files that are upload...
CVE-2004-1655
Cross-site scripting XSS vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 CMpid parameter in the comments module or 2 the subject or message fields in the notes module...
CVE-2004-1516
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the blockusername parameter in the user module...
CVE-2004-1516
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the blockusername parameter in the user module...
GLSA-200411-35 : phpWebSite: HTTP response splitting vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-35 phpWebSite: HTTP response splitting vulnerability Due to lack of proper input validation, phpWebSite has been found to be vulnerable to HTTP response splitting attacks. Impact : A malicious user could inject arbitrary...
phpWebSite: HTTP response splitting vulnerability
Background phpWebSite is a web site content management system. Description Due to lack of proper input validation, phpWebSite has been found to be vulnerable to HTTP response splitting attacks. Impact A malicious user could inject arbitrary response data, leading to content spoofing, web cache...