23 matches found
EUVD-2003-0326
Malware in sbrugna...
EUVD-2003-1449
Malware in sbrugna...
EUVD-2003-1448
Malware in sbrugna...
ttCMS 2.2/2.3,ttForum 1.1 Index.PHP Instant-Messages Preferences SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the Instant-Messages script distributed as part of the softwar...
ttCMS 2.2 / ttForum 1.1 News.php template Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for ...
ttCMS 2.2 / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
No description provided by source...
CVE-2003-1458
CVE-2003-1458 affects ttCMS 2.2 and ttForum via a SQL injection vulnerability in Profile.php, exploitable through the member name to execute arbitrary SQL commands. The vulnerability is remote and the documented impact is partial confidentiality, integrity, and availability. Exploitation details ...
CVE-2003-1459
CVE-2003-1459 affects ttCMS 2.2 and ttForum, with multiple PHP remote file inclusion vulnerabilities. The issue allows remote attackers to execute arbitrary PHP code via (1) the template parameter in News.php or (2) the installdir parameter in install.php. Exploitation details indicate that this ...
CVE-2003-1459
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the 1 template parameter in News.php or 2 installdir parameter in install.php...
CVE-2003-1458
SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name...
CVE-2003-0331
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page...
CVE-2003-0331
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page...
CVE-2003-0331
The vulnerability CVE-2003-0331 affects ttForum, with SQL injection possible via the Ignorelist-Textfield in the Preferences page. The underlying flaw allows remote attackers to execute arbitrary SQL and obtain ttForum Administrator privileges. No specific affected versions or patches are provide...
ttCMS/ttForum multiple bugs
SQL injection via username in Profile.php. PHP injection in News.php, install.php...
More vulnerabilities in ttForum/ttCMS -> SQL injection
Advisory name: SQL Injection-Bug in ttForum all versions Application: ttForum - all versions Vendor: www.ttforum.com Status: Vendor of ttForum was contacted but didn't reply Impact: Attacker can get Administrator-rights on forum Platforms: any Technical description: ---------------------- Everybo...
ttCMS 2.22.3 ttForum 1.1 - index.php Instant-Messages Preferences SQL Injection
ttCMS 2.22.3 ttForum 1.1 - index.php Instant-Messages Preferences SQL Injection source: https://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the...
ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection
source: https://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the Instant-Messages script distributed as part of the software. Due to insufficient sanitizing ...
ttforum Multiple Vulnerabilities
The remote host is running ttforum. This set of CGI is vulnerable to various attacks which may allow an attacker to execute arbitrary code on this host or gain administrative privileges on this forum. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 9 May 2003 16:58:36 -0000 From:...
ttCMS 2.2 ttForum 1.1 - install.php?installdir Remote File Inclusion
ttCMS 2.2 ttForum 1.1 - install.php?installdir Remote File Inclusion source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and...
ttCMS 2.2 ttForum 1.1 - news.php?template Remote File Inclusion
ttCMS 2.2 ttForum 1.1 - news.php?template Remote File Inclusion source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php...