EUVD-2008-0752

Malware in sbrugna...

EUVD-2009-0705

Malware in sbrugna...

PowerScripts PowerNews 2.5.6 'subpage' Parameter Multiple Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27688/info PowerScripts PowerNews is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially...

pNews <= 1.1.0 (nbs) Remote File Include Vulnerability

No description provided by source. PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews v1.1.0 Download..: http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact...

PowerNews (Newsscript) 2.5.6 - Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution:...

Sql injection

SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter...

CVE-2009-0705

SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter...

CVE-2009-0705

CVE-2009-0705 describes a SQL injection inPowerScripts PowerNews 2.5.4, specifically in news.php when magic_quotes_gpc is disabled, allowing remote attackers to inject SQL via the newsid parameter. Affected product: PowerNews 2.5.4. Root cause: improper input handling that enables SQL command exe...

PowerNews 2.5.4 SQL Injection

...:::::powernews 2.5.4 SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to my best friend in the world...

PowerNews 2.5.4 (news.php newsid) SQL Injection Vulnerability

No description provided by source. ...:::::powernews 2.5.4 SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to...

PowerNews 2.5.4 (news.php newsid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================= PowerNews 2.5.4 news.php newsid SQL Injection Vulnerability =============================================================...

PowerNews 2.5.4 - newsid SQL Injection

PowerNews 2.5.4 - newsid SQL Injection ...:::::powernews 2.5.4 SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz...

PowerNews 2.5.4 - &#039;newsid&#039; SQL Injection

...:::::powernews 2.5.4 SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to my best friend in the world...

Directory traversal

Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...

CVE-2008-0742

Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...

CVE-2008-0742

Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...

CVE-2008-0742

CVE-2008-0742 affects PowerScripts PowerNews 2.5.6 with multiple directory traversal flaws allowing an attacker to read and include arbitrary files via .. in pnadmin/ (subpage in categories.inc.php, news.inc.php, other.inc.php, permissions.inc.php, templates.inc.php, users.inc.php) and via the pa...

[DSECRG-08-014] Multiple LFI in PowerNews &#40;Newsscript&#41; 2.5.6

Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory:...

PowerNews (Newsscript) 2.5.6 Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution:...

DSECRG-08-014.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory:...