23 matches found
EUVD-2006-6250
Malware in sbrugna...
EUVD-2004-1949
Malware in sbrugna...
EUVD-2005-0617
Malware in sbrugna...
EUVD-2005-2690
Malware in sbrugna...
PostNuke 0.76 RC4b Comments Module - 'moderate' Cross-Site Scripting
source: https://www.securityfocus.com/bid/14635/info PostNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. This can lead to theft of cookie-based authentication credentials, as well as oth...
PostNuke 0.76 RC4b - user.php?htmltext Cross-Site Scripting
PostNuke 0.76 RC4b - user.php?htmltext Cross-Site Scripting source: https://www.securityfocus.com/bid/14635/info PostNuke is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input. This can lead to thef...
PostNuke < 0.760 RC3 Multiple Vulnerabilities
Binary data 2662.prm...
[SA14433] PostNuke Multiple Vulnerabilities
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
PostNuke <= 0.760 RC2 Multiple Vulnerabilities
The remote host is running PostNuke version 0.760 RC2 or older. These versions suffer from several vulnerabilities, among them : - SQL injection vulnerability in the News, NS-Polls and NS-AddStory modules. - SQL injection vulnerability in the Downloads module. - Cross-site scripting vulnerabiliti...
CVE-2005-0616
Multiple cross-site scripting XSS vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 Program name, 2 File link, 3 Author name 4 Author e-mail address, 5 File size, 6 Version, or 7 Home page variables...
postnuke -- SQL injection vulnerabilities
Two separate SQL injection vulnerabilities have been identified in the PostNuke PHP content management system. An attacker can use this vulnerability to potentially insert executable PHP code into the content management system to view all files within the PHP scope, for instance. Various other SQ...
Multiple Full Disclosure Path in postnuke 0.750 phoenix
CODEBUG Labs Advisory 6 Title: Multiple Full Disclosure Path in postnuke 0.750 phoenix Author: FAiN182 - [email protected] Product: Postnuke 0.750 Phoenix Type: Full disclosure path Web: http://www.mantralab.org Personal Site: http://fain182.altervista.org --- the product Postnuke is a CMS...
[Full-Disclosure] Multiple vulnerabilities PostNuke
Original Advisory: http://www.swp-zone.org/archivos/advisory-10.txt ------------------------------------------------------------------------------------------------- :.: Multiple vulnerabilities PostNuke :.: PROGRAM: PostNuke HOMEPAGE: http://www.postnuke.com/ VERSION: 0.75-RC3, 0.726-3 BUG:...
[waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2]
================================================================================ waraxe-2004-SA022 ================================================================================ Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2...
waraxe-2004-SA022.txt
================================================================================ waraxe-2004-SA022 ================================================================================ Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2...
CVE-2004-1957
Multiple cross-site scripting XSS vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the 1 lid and query parameters to the Downloads module, 2 query parameter to the Weblinks module, or 3 hlpfile parameter to openwindow.php...
[Full-Disclosure] [waraxe-2004-SA#020 - Multiple vulnerabilities in PostNuke 0.726 Phoenix]
================================================================================ waraxe-2004-SA020 ================================================================================ Multiple vulnerabilities in PostNuke 0.726 Phoenix...
PostNuke Issues (0.726 && Possibly Older)
Vendor : PostNuke URL : http://www.postnuke.com Version : PostNuke 0.726 Phoenix && Older?? Risk : SQL Injection && XSS Description: Postnuke is a popular Open Source CMS Content Managment System used by millions of people all across the world. SQL Injection: SQL Injection is possible by passing...
PostNuke 0.726 Phoenix - Multiple Vulnerabilities
PostNuke 0.726 Phoenix - Multiple Vulnerabilities PostNuke Multiple Vulnerabilities Vendor: PostNuke Product: PostNuke Version: CODE VLID = Should be the valid id number of a file for download. CODE = Any script or HTML etc. Solution: An update has been released regarding the SQL Injection...
PostNuke < 0.726 Phoenix - Multiple Vulnerabilities
PostNuke Multiple Vulnerabilities Vendor: PostNuke Product: PostNuke Version: CODE VLID = Should be the valid id number of a file for download. CODE = Any script or HTML etc. Solution: An update has been released regarding the SQL Injection vulnerability. The XSS vuln however will not be fixed...