34 matches found
EUVD-2000-0073
Malware in sbrugna...
EUVD-2009-0705
Malware in sbrugna...
EUVD-2008-1538
Malware in sbrugna...
EUVD-2008-0752
Malware in sbrugna...
PowerScripts PlusMail WebConsole 1.0 Poor Authentication Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2653/info PowerScripts PlusMail Web Control Panel is a web-based administration suite for maintaining mailing lists, mail aliases, and web sites. It is reportedly possible to change the administrative username and passwor...
PowerClan <= 1.14a (footer.inc.php) Remote File Include Vulnerability
No description provided by source. +------------------------------------------------------------------------------------------- + PowerClan = 1.14a footer.inc.php Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Vendo...
PowerScripts PowerNews 2.5.6 'subpage' Parameter Multiple Local File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27688/info PowerScripts PowerNews is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially...
CVE-2009-0705
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
Sql injection
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
CVE-2009-0705
CVE-2009-0705 describes a SQL injection inPowerScripts PowerNews 2.5.4, specifically in news.php when magic_quotes_gpc is disabled, allowing remote attackers to inject SQL via the newsid parameter. Affected product: PowerNews 2.5.4. Root cause: improper input handling that enables SQL command exe...
CVE-2009-0705
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the newsid parameter...
Unfixed XSS vulnerability at www.powerscripts.info
Security researcher Camilo-TcK, has submitted on 30/10/2008 a cross-site-scripting XSS vulnerability affecting www.powerscripts.info, which at the time of submission ranked 20115038 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It...
Directory traversal
Directory traversal vulnerability in pbinc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC...
CVE-2008-1537
Directory traversal vulnerability in pbinc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC...
CVE-2008-1537
CVE-2008-1537 concerns PowerScripts PowerBook 1.21, where a directory traversal flaw in pb_inc/admincenter/index.php allows an attacker to include and execute local files by supplying a .. sequence in the page parameter. In some environments this can enable remote file inclusion via UNC shares or...
CVE-2008-1537
Directory traversal vulnerability in pbinc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC...
CVE-2008-0742
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...
Directory traversal
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...
CVE-2008-0742
CVE-2008-0742 affects PowerScripts PowerNews 2.5.6 with multiple directory traversal flaws allowing an attacker to read and include arbitrary files via .. in pnadmin/ (subpage in categories.inc.php, news.inc.php, other.inc.php, permissions.inc.php, templates.inc.php, users.inc.php) and via the pa...
CVE-2008-0742
Multiple directory traversal vulnerabilities in PowerScripts PowerNews 2.5.6 allow remote attackers to read and include arbitrary files via a .. dot dot in the 1 subpage parameter in a categories.inc.php, b news.inc.php, c other.inc.php, d permissions.inc.php, e templates.inc.php, and f...