EUVD-2008-7220

Malware in sbrugna...

EUVD-2008-7222

Malware in sbrugna...

CVE-2008-7269

Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter in a logout action...

CVE-2008-7267

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

Sql injection

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...

Information disclosure

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

CVE-2008-7267

SQL injection vulnerability in announcements.php in SiteEngine 5.x allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-7267

CVE-2008-7267 describes a SQL injection in SiteEngine 5.x, specifically in announcements.php, where the vulnerable parameter is id. The root cause is improper handling of user input leading to arbitrary SQL execution by remote attackers. Impact is partial confidentiality/integrity/availability lo...

CVE-2008-7268

SiteEngine 5.x is affected by CVE-2008-7268 via a phpinfo information-disclosure in misc.php when action=php_info is supplied, allowing remote attackers to obtain system information. The connected documents reiterate the description; no remediation patch/version is provided in the supplied source...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

CVE-2008-7269

CVE-2008-7269 is an open-redirect flaw affecting SiteEngine 5.x (notably in api.php) where a user-controlled forward parameter in a logout action can redirect victims to arbitrary sites. The vulnerability enables user-assisted remote attack chains for phishing or similar redirects. The Nuclei tem...

SiteEngine 5.x Multiple Remote Vulnerabilities

Due to incorrect use of intval function, leading to the logic of inspection parameters can be bypassed, resulting in SQL injection vulnerability. -=0x01=- SQL injection Vulnerability vul code like this: if intval $id requireonce $siteengineroot."lib/rss.php" ; $sql = "SELECT url FROM...

SiteEngine 5.x Multiple Remote Vulnerabilities

No description provided by source. SiteEngine 5.x Multiple Remote Vulnerabilities Due to incorrect use of intval function, leading to the logic of inspection parameters can be bypassed, resulting in SQL injection vulnerability. -=0x01=- SQL injection Vulnerability vul code like this: if intval $i...

SiteEngine 5.x - Multiple Vulnerabilities

SiteEngine 5.x - Multiple Vulnerabilities SiteEngine 5.x Multiple Remote Vulnerabilities Due to incorrect use of intval function, leading to the logic of inspection parameters can be bypassed, resulting in SQL injection vulnerability. -=0x01=- SQL injection Vulnerability vul code like this: if...