40 matches found
EUVD-2007-0388
Malware in sbrugna...
EUVD-2006-0806
Malware in sbrugna...
EUVD-2006-0807
Malware in sbrugna...
EUVD-2010-1733
Malware in sbrugna...
EUVD-2004-1948
Malware in sbrugna...
EUVD-2005-1624
Malware in sbrugna...
EUVD-2008-1592
Malware in sbrugna...
EUVD-2002-1994
Malware in sbrugna...
EUVD-2002-1975
Malware in sbrugna...
CVE-2004-2752
Cross-site scripting XSS vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action...
CVE-2002-2015
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter...
CVE-2006-6267
PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message...
CVE-2006-5733
CVE-2006-5733 : A directory traversal/remote local file inclusion flaw in PostNuke ≤0.763 (error.php) allows an attacker to cause arbitrary local file inclusion by placing PHP sequences in the PNSVlang cookie, which gets written into Apache logs and later included by error.php. Affected product/v...
PostNuke 0.750.76 DL - viewdownload.php SQL Injection
PostNuke 0.750.76 DL - viewdownload.php SQL Injection source: https://www.securityfocus.com/bid/14636/info PostNuke is prone to an SQL injection vulnerability. This issue is due to a lack of sufficient sanitization of user-supplied input. Successful exploitation could result in a compromise of th...
[SA15855] PostNuke XML-RPC Library PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[Full-disclosure] Postnuke 0.750 - 0.760rc4 local file inclusion
Product : Postnuke 0.750 http://www.postnuke.com Description: Postnuke 0.750 - 0.760rc4 local file inclusion Severity: High Description =========== Postnuke is Web Content Management System written in PHP and using mysql as database backend. Detail ====== Directory traversal in function pnModFunc...
postnukeXSS.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Critical XSS 0.760-RC2=x cXIb8O3.2 Author: cXIb8O3Maksymilian Arciemowicz Date: 19.2.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.750 and 0.760-RC2 PostNuke is an open source, open developement...
postnuke -- cross-site scripting (XSS) vulnerabilities
A cross-site scripting vulnerability is present in the PostNuke PHP content management system. By passing data injected through exploitable errors in input validation, an attacker can insert code which will run on the machine of anybody viewing the page. It is feasible that this attack could be...
CVE-2004-2752
Cross-site scripting XSS vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action...
PostNuke 0.720.75 Reviews Module - Cross-Site Scripting
PostNuke 0.720.75 Reviews Module - Cross-Site Scripting source: https://www.securityfocus.com/bid/10802/info PostNuke is reported prone to a cross-site scripting vulnerability. This issue affects the 'title' parameter of 'Reviews' script. Exploitation of this issue could allow for theft of...