58 matches found
PSArt news publishing system 0day-vulnerability warning-the black bar safety net
PSArt news publishing system PSArt Ver 1.2.0 multi-file existsSql injection, the streaking of a system. Google: the Power by CNBaJing. CN Injected statement: http://www.sqnc.edu.cn/kxfzg/news.asp?id=128%20and%201=2%20union%20select%201,username,3,4,5,6,7,password,9%20from%20admin...
TransLucid 1.75 - Multiple Vulnerabilities
transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional...
Concave Yaya news publishing system WebBasicInfo. asp administrator privileges unauthenticated vulnerability-vulnerability warning-the black bar safety net
Found by:skerwww. zerobox. org The affected version Concave Yaya news publishing system 4. 7ACC version Other version not tested Vulnerability description Concave Yaya news publishing system is an ASP program in conjunction with the ACC and MYSQL CMS system Vulnerability is the path where the...
TransLucid 1.75 - 'FCKeditor' Arbitrary File Upload
www.BugReport.ir AmnPardaz Security Research Team Title: TransLucid 1.75 fckeditor Remote Arbitrary File Upload Vendor: www.translucidonline.com Vulnerable Version: 1.75 prior versions also may be affected Exploitation: Remote with browser Exploit: Available Impact: Medium Fix: N/A Original...
CVE-2003-1553
Technical details about CVE-2003-1553 (affected product/version, root cause, impact, mitigation) are not provided in the connected documents; no public details are available here. Monitor for updates.
CVE-2003-1553
Haakon Nilsen Simple Internet Publishing System SIPS 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory...
SAXON version 5.4 XSS Attack Vulnerability
netVigilance Security Advisory 54 SAXON version 5.4 XSS Attack Vulnerability Description: SAXON is a simple accessible online news publishing system for personal and small corporate site owners. Publish news, using configurable templates, on any .php page on your site. Publish news on a 'per...
NewP News Publishing System 1.0 - 'Class.Database.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20893/info NewP News Publishing system is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other...
CVE-2006-5411
Unrestricted file upload vulnerability in upload.php for Free Web Publishing System FreeWPS, possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs...
CVE-2006-5411
The CVE-2006-5411 entry concerns an unrestricted file upload in Free Web Publishing System (FreeWPS) via upload.php, potentially affecting version 2.11 and earlier. Remote attackers could upload and execute arbitrary PHP programs. The vulnerability enables partial confidentiality, integrity, and ...
CVE-2000-1241
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system SIPS before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."...
CVE-2006-4733
PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system SIPS 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the configsipssys parameter. NOTE: the product's documentation recommends placing the...
CVE-2006-1363
The CVE-2006-1363 issue affects Free Web Publishing System (FreeWPS) 2.11 (Justin White/YTZ). A remote attacker can upload a PHP file to the /upload directory via the dirPath parameter and then access that file to execute arbitrary PHP code, enabling remote code execution. Impact is partial confi...
CVE-2006-1363
images.php in Justin White aka YTZ Free Web Publishing System FreeWPS 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file...
farsiNews.txt
FarsiNews 2.5 Multiple Vulnerabilities FarsiNews is a News Publishing System That uses Flat files to store its Datas... Farsinews is a persian and improved translation of CuteNews, AjFork, CuteHack and CuteSQL... for more information about FarsiNews Publishing System visit...
Props 0.6.1 XSS and Remote File Viewing Vulnerability
Title: Props 0.6.1 XSS and Remote File Viewing Vulnerability. Software: Props 0.6.1 Vendor: http://props.sourceforge.net/ Platform: PHP4 and MySQL Description: PROPS is an open, extensible Internet publishing system designed specifically for periodicals such as newspapers and magazines who want t...
CVE-2003-1553
Haakon Nilsen Simple Internet Publishing System SIPS 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory...
CVE-2002-0267
preferences.php in Simple Internet Publishing System SIPS before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file...