Lucene search
K

24 matches found

EUVD
EUVD
added 2026/04/04 3:30 p.m.5 views

EUVD-2016-10858

Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...

6.9CVSS5.9AI score0.00162EPSS
Exploits1References3
CVE
CVE
added 2026/04/04 1:50 p.m.10 views

CVE-2016-20052

CVE-2016-20052 affects Snews CMS 1.7 and describes an unrestricted file upload vulnerability exploitable by unauthenticated attackers. The issue allows uploading arbitrary files—including PHP executables—to the snews_files directory via the multipart form-data upload endpoint. Attackers can then ...

9.8CVSS6.4AI score0.00951EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/04 1:50 p.m.1 views

CVE-2016-20052

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snewsfiles directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...

9.8CVSS6.4AI score0.00951EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/04 1:50 p.m.4 views

CVE-2016-20051 Snews CMS 1.7 Cross-Site Request Forgery via changeup

Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...

6.9CVSS5.9AI score0.00162EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.4 views

PT-2026-30349

Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick authenticated administrators into visiting a page containing a hidden form that submits POST...

6.9CVSS5.9AI score0.00162EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.7 views

PT-2026-30350

Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by...

9.8CVSS6.4AI score0.00951EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2016/11/04 12:0 a.m.42 views

sNews CMS 1.7 Cross Site Request Forgery

Exploit Title : Snews CMS Cross Site Request Forgery Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 1/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link : http://snewscms.com/download/snews1.7.1.zip Version :...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/04 12:0 a.m.27 views

sNews CMS 1.7 Shell Upload

Exploit Title : Snews CMS upload sheller Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 04/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link : http://snewscms.com/download/snews1.7.1.zip Version : 1.7latest 3...

0.1AI score
Exploits0
0day.today
0day.today
added 2016/11/04 12:0 a.m.38 views

sNews 1.7.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title : Snews CMS Cross Site Request Forgery Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 1/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/11/03 12:0 a.m.23 views

sNews 1.7.1 - Cross-Site Request Forgery

sNews 1.7.1 - Cross-Site Request Forgery Exploit Title : Snews CMS Cross Site Request Forgery Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 1/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link :...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2016/11/03 12:0 a.m.23 views

sNews 1.7.1 - Arbitrary File Upload

sNews 1.7.1 - Arbitrary File Upload Exploit Title : Snews CMS upload sheller Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 04/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link :...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/03 12:0 a.m.32 views

sNews 1.7.1 - Arbitrary File Upload

Exploit Title : Snews CMS upload sheller Author : Ashiyane Digital Security Team Google Dork : "This site is powered by sNews" Date : 04/11/2016 Type : webapps Platform : PHP Vendor Homepage : http://snewscms.com/ Software link : http://snewscms.com/download/snews1.7.1.zip Version : 1.7latest 3...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/21 12:0 a.m.32 views

sNews CMS 1.7.1 CSRF / Cross Site Scripting / Code Execution

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent...

Exploits0
Exploit DB
Exploit DB
added 2016/06/20 12:0 a.m.38 views

sNews CMS 1.7.1 - Multiple Vulnerabilities

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/06/20 12:0 a.m.28 views

sNews CMS 1.7.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent Remote Command Execution Cross Site Request Forgeries CSR...

7.1AI score
Exploits0
myhack58
myhack58
added 2013/01/19 12:0 a.m.20 views

CMS snews SQL injection and fix-vulnerability warning-the black bar safety net

Title: CMS snews SQL Injection Vulnerability Author: By onestree Download address : http://snewscms.com/ Test platform : ubuntu 12.10 / win 7 Keywords: inurl:"tanyakan pada rumput yang bergoyang" SQL poc: http://www.2cto.com /snews/snews. php? act=shownews&id=SQL Example...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2013/01/15 12:0 a.m.15 views

CMS snews - SQL Injection

CMS snews - SQL Injection / | / \ / / \ / /\ \ / / \ | \ / \ \ | | | | /\ /\ / /|| /\ | | || \ \ / / / / / Exploit Title : CMS snews SQL Injection Vulnerability Author : By onestree Software Link : http://snewscms.com/ tested : ubuntu 12.10 / win 7 Dork : inurl:"tanyakan pada rumput yang...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/15 12:0 a.m.26 views

Snews CMS SQL Injection

/ | / \ / / \ / /\ \ / / \ | \ / \ \ | | | | /\ /\ / /|| /\ | | || \ \ / / / / / Exploit Title : CMS snews SQL Injection Vulnerability Author : By onestree Software Link : http://snewscms.com/ tested : ubuntu 12.10 / win 7 Dork : inurl:"tanyakan pada rumput yang bergoyang" SQL poc:...

0.5AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/07/11 12:0 a.m.34 views

sNews v1.7.1 - File Upload Vulnerability

Document Title: =============== sNews v1.7.1 - File Upload Vulnerability Release Date: ============= 2011-07-11 Vulnerability Laboratory ID VL-ID: ==================================== 142 Product & Service Introduction: =============================== sNews is a completely free, standards...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/07/11 12:0 a.m.24 views

sNews v1.7.1 - File Upload Vulnerability

Document Title: =============== sNews v1.7.1 - File Upload Vulnerability Release Date: ============= 2011-07-11 Vulnerability Laboratory ID VL-ID: ==================================== 142 Product & Service Introduction: =============================== sNews is a completely free, standards...

7.4AI score
Exploits0
Rows per page
Query Builder