Lucene search
K

39 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2007-6357

Malware in sbrugna...

7.5CVSS6.4AI score0.00987EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2008-6626

Malware in sbrugna...

7.5CVSS6.4AI score0.02511EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-6784

Malware in sbrugna...

6.8CVSS6.4AI score0.0201EPSS
Exploits1References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

SH-News <= 3.1 (scriptpath) Multiple Remote File Include Vulnerabilities

No description provided by source. ================================================================== SH-News RFI ================================================================== Info:- Scripts: SH-News Download: http://www.hotscripts.com/jump.php?listingid=19561&jumptype=1 Version : 3.1 Dork &...

7.1AI score
Exploits0
NVD
NVD
added 2009/04/08 10:30 a.m.16 views

CVE-2008-6664

action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values...

7.5CVSS7.1AI score0.02511EPSS
Exploits1References4
Prion
Prion
added 2009/04/08 10:30 a.m.14 views

Authentication flaw

action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values...

7.5CVSS7.7AI score0.02511EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/04/08 10:0 a.m.21 views

CVE-2008-6664

action.php in SH-News 3.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the shuser and shpass cookies to non-zero values...

7.1AI score0.02511EPSS
Exploits1References4
CVE
CVE
added 2009/04/08 10:0 a.m.64 views

CVE-2008-6664

CVE-2008-6664 affects SH-News 3.0, where action.php can bypass authentication and grant admin privileges by setting the shuser and shpass cookies to non-zero values. The vulnerability enables remote attackers to assume administrator access due to the cookie-based check. NVD notes a base score of ...

7.5CVSS7.3AI score0.02511EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2009/04/08 12:0 a.m.4 views

PT-2009-2134 · Sh News · Sh-News

Name of the Vulnerable Software and Affected Versions: SH-News version 3.0 Description: The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by setting the shuser and shpass cookies to non-zero values in the 'action.php' file...

7.5CVSS7.2AI score0.02511EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2008/06/16 12:0 a.m.24 views

shnews-cookie.txt

...:::::SH-News 3.0 Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/06/15 12:0 a.m.17 views

SH-News 3.0 Insecure Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ================================================== SH-News 3.0 Insecure Cookie Handling Vulnerability ================================================== ...:::::SH-News 3.0 Insecure Cookie Handling Vulnerability ::::.... -------- Discoverd...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/06/15 12:0 a.m.14 views

SH-News 3.0 - Insecure Cookie Handling

SH-News 3.0 - Insecure Cookie Handling ...:::::SH-News 3.0 Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members &...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/15 12:0 a.m.30 views

SH-News 3.0 - Insecure Cookie Handling

...:::::SH-News 3.0 Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in...

7.4AI score
Exploits0
NVD
NVD
added 2007/12/17 6:46 p.m.10 views

CVE-2007-6391

SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.00987EPSS
Exploits1References3
CVE
CVE
added 2007/12/17 6:0 p.m.38 views

CVE-2007-6391

The CVE-2007-6391 entry concerns an SQL injection in SH-News 3.0, specifically in patch/comments.php where the id parameter is vulnerable. Multiple connected documents confirm this: remote attackers can inject arbitrary SQL commands via id, indicating a server-side query construction flaw in SH-N...

7.5CVSS8.4AI score0.00987EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2007/12/17 6:0 p.m.15 views

CVE-2007-6391

SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.00987EPSS
Exploits1References3
seebug.org
seebug.org
added 2007/12/11 12:0 a.m.19 views

SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability

No description provided by source. ...:::::SH-News 3.0 SQL Injection Vulnerbility ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/10 12:0 a.m.22 views

shnews-sql.txt

...:::::SH-News 3.0 SQL Injection Vulnerbility ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world hadiaryaie200...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/12/09 12:0 a.m.21 views

SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ SH-News 3.0 comments.php id Remote SQL Injection Vulnerability ================================================================ ...:::::SH-News 3.0 SQL Injection Vulnerbility...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/12/09 12:0 a.m.66 views

SH-News 3.0 - comments.php SQL Injection

SH-News 3.0 - comments.php SQL Injection ...:::::SH-News 3.0 SQL Injection Vulnerbility ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to ...

0.1AI score
Exploits0
Rows per page
Query Builder