118 matches found
EUVD-2016-10860
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
EUVD-2016-10858
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...
CVE-2016-20052
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
CVE-2016-20051
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...
CVE-2016-20052
CVE-2016-20052 affects Snews CMS 1.7 and describes an unrestricted file upload vulnerability exploitable by unauthenticated attackers. The issue allows uploading arbitrary files—including PHP executables—to the snews_files directory via the multipart form-data upload endpoint. Attackers can then ...
CVE-2016-20052 Snews CMS 1.7 Unrestricted File Upload via snews_files
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
CVE-2016-20052 Snews CMS 1.7 Unrestricted File Upload via snews_files
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
CVE-2016-20052
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
CVE-2016-20051 Snews CMS 1.7 Cross-Site Request Forgery via changeup
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...
CVE-2016-20051 Snews CMS 1.7 Cross-Site Request Forgery via changeup
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...
CVE-2016-20051
CVE-2016-20051 concerns Snews CMS 1.7, where a cross-site request forgery allows an attacker to change administrator credentials without authentication by inducing an authenticated admin to submit a hidden form that targets the changeup action. The vulnerability stems from how the changeup POST r...
PT-2026-30350
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...
PT-2026-30349
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...
sNews 跨站请求伪造漏洞
sNews is a lightweight content management system developed by sNews CMS individuals, built using PHP. Version 1.7 of sNews has a cross-site request forgeing vulnerability. This vulnerability stems from a susceptibility to cross-site request forgery attacks, which could allow attackers to alter...
sNews 代码问题漏洞
sNews is a lightweight content management system developed by sNews CMS individuals, built using PHP. Version 1.7 of sNews has code vulnerabilities; these vulnerabilities stem from an unlimited file upload feature, which allows unauthenticated attackers to upload arbitrary files including PHP...
EUVD-2005-3848
Malware in sbrugna...
EUVD-2006-3910
Malware in sbrugna...
EUVD-2006-0722
Malware in sbrugna...
EUVD-2006-0723
Malware in sbrugna...
EUVD-2011-2687
Malware in sbrugna...