6 matches found
sNews 跨站请求伪造漏洞
sNews is a lightweight content management system developed by sNews CMS individuals, built using PHP. Version 1.7 of sNews has a cross-site request forgeing vulnerability. This vulnerability stems from a susceptibility to cross-site request forgery attacks, which could allow attackers to alter...
EUVD-2010-2930
Malware in sbrugna...
sNews 1.7 - (index.php?category) SQL Injection Vulnerability
No description provided by source. sNews v1.7 index.php?category SQL Injection Vulnerability Author : CoBRa21 Author Web Page : http://www.ipbul.org Dork: Powered by sNews Sql Injection: http://localhost/path/index.php?category=-3 union select 0,version,2,3,4,5,6,7,8 Thanks http://e-banka.org &...
sNews 1.7 Cross Site Scripting
=============================== Vulnerability ID: HTB22638 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsnews1.html Product: sNews Vendor: sNews Team tp://www.snewscms.com/ Vulnerable Version: 1.7 and probably prior versions Vendor Notification: 05 October 2010 Vulnerability Type:...
CVE-2010-2926
SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter...
Sql injection
SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary SQL commands via the category parameter...