EUVD-2020-4149

Malware in sbrugna...

Sourcefabric Newscoop Code Issue Vulnerability

Sourcefabric Newscoop is a content management system. A code issue vulnerability exists in Sourcefabric Newscoop version 4.4.7. An attacker can exploit this vulnerability to execute arbitrary PHP code on the server...

CVE-2020-11807

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...

CVE-2020-11807

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...

Unrestricted file upload

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...

CVE-2020-11807

Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code and sometimes terminal commands on a server by making an avatar update and then visiting the avatar file under the /images/ path...

CVE-2020-11807

The CVE-2020-11807 entry concerns Sourcefabric Newscoop 4.4.7 where an authenticated user can upload a file of a dangerous type via the avatar update. The authenticated user can then access the avatar under /images/ to cause arbitrary PHP code execution (and, in some cases, terminal commands) on ...

Newscoop 4.0.2 Blind SQLi & Path Disclosure Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Multiple vulnerabilities in Newscoop

Advisory ID: HTB23084 Product: Newscoop Vendor: Sourcefabric o.p.s. Vulnerable Versions: 3.5.3 and probably prior, partially 4.0 RC3 Tested Version: 3.5.3 Vendor Notification: 28 March 2012 Vendor Patch: 5 April 2012 Public Disclosure: 18 April 2012 Vulnerability Type: Remote File Inclusion, SQL...

newscoop 3.5.3 - Multiple Vulnerabilities

newscoop 3.5.3 - Multiple Vulnerabilities Advisory ID: HTB23084 Product: Newscoop Vendor: Sourcefabric o.p.s. Vulnerable Versions: 3.5.3 and probably prior, partially 4.0 RC3 Tested Version: 3.5.3 Vendor Notification: 28 March 2012 Vendor Patch: 5 April 2012 Public Disclosure: 18 April 2012...

newscoop 3.5.3 - Multiple Vulnerabilities

Advisory ID: HTB23084 Product: Newscoop Vendor: Sourcefabric o.p.s. Vulnerable Versions: 3.5.3 and probably prior, partially 4.0 RC3 Tested Version: 3.5.3 Vendor Notification: 28 March 2012 Vendor Patch: 5 April 2012 Public Disclosure: 18 April 2012 Vulnerability Type: Remote File Inclusion, SQL...

Newscoop 3.5.3 XSS / RFI / SQL Injection

Advisory ID: HTB23084 Product: Newscoop Vendor: Sourcefabric o.p.s. Vulnerable Versions: 3.5.3 and probably prior, partially 4.0 RC3 Tested Version: 3.5.3 Vendor Notification: 28 March 2012 Vendor Patch: 5 April 2012 Public Disclosure: 18 April 2012 Vulnerability Type: Remote File Inclusion, SQL...

Newscoop 3.5.3 XSS / RFI / SQL Injection

Exploit for php platform in category web applications Product: Newscoop Vendor: Sourcefabric o.p.s. Vulnerable Versions: 3.5.3 and probably prior, partially 4.0 RC3 Tested Version: 3.5.3 Vendor Notification: 28 March 2012 Vendor Patch: 5 April 2012 Public Disclosure: 18 April 2012 Vulnerability...

Sourcefabric Newscoop <= 3.5.4 Multiple Vulnerabilities - Active Check

Sourcefabric Newscoop is prone to multiple cross-site scripting XSS and SQL injection SQLi vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpte...

Sourcefabric Newscoop Multiple Cross Site Scripting and SQL Injection Vulnerabilities

Sourcefabric Newscoop is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Exploiting these issues could allow an attacker to steal cookie- based authentication...

XSS vulnerability in Campsite

Vulnerability ID: HTB22494 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincampsite.html Product: Campsite Vendor: Sourcefabric o.p.s http://www.sourcefabric.org/ Vulnerable Version: 3.3.6 and Probably Prior Versions Vendor Notification: 16 July 2010 Vulnerability Type: XSS Cross Sit...

XSS vulnerability in Campsite

Vulnerability ID: HTB22495 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincampsite1.html Product: Campsite Vendor: Sourcefabric o.p.s http://www.sourcefabric.org/ Vulnerable Version: 3.3.6 and Probably Prior Versions Vendor Notification: 16 July 2010 Vulnerability Type: XSS Cross Si...

Campsite 3.3.6 Cross Site Scripting

=============================================================== Vulnerability ID: HTB22494 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincampsite.html Product: Campsite Vendor: Sourcefabric o.p.s http://www.sourcefabric.org/ Vulnerable Version: 3.3.6 and Probably Prior Versions...

Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/42107/info Sourcefabric Campsite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...

Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities

Sourcefabric Campsite - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/42107/info Sourcefabric Campsite is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issu...