23 matches found
EUVD-2003-1448
Malware in sbrugna...
EUVD-2003-1449
Malware in sbrugna...
EUVD-2003-0326
Malware in sbrugna...
ttCMS 2.2 / ttForum 1.1 News.php template Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for ...
ttCMS 2.2 / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
No description provided by source...
ttCMS 2.2/2.3,ttForum 1.1 Index.PHP Instant-Messages Preferences SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the Instant-Messages script distributed as part of the softwar...
CVE-2003-1458
CVE-2003-1458 affects ttCMS 2.2 and ttForum via a SQL injection vulnerability in Profile.php, exploitable through the member name to execute arbitrary SQL commands. The vulnerability is remote and the documented impact is partial confidentiality, integrity, and availability. Exploitation details ...
CVE-2003-1459
CVE-2003-1459 affects ttCMS 2.2 and ttForum, with multiple PHP remote file inclusion vulnerabilities. The issue allows remote attackers to execute arbitrary PHP code via (1) the template parameter in News.php or (2) the installdir parameter in install.php. Exploitation details indicate that this ...
CVE-2003-1458
SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name...
CVE-2003-1459
Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the 1 template parameter in News.php or 2 installdir parameter in install.php...
CVE-2003-0331
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page...
CVE-2003-0331
The vulnerability CVE-2003-0331 affects ttForum, with SQL injection possible via the Ignorelist-Textfield in the Preferences page. The underlying flaw allows remote attackers to execute arbitrary SQL and obtain ttForum Administrator privileges. No specific affected versions or patches are provide...
CVE-2003-0331
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page...
More vulnerabilities in ttForum/ttCMS -> SQL injection
Advisory name: SQL Injection-Bug in ttForum all versions Application: ttForum - all versions Vendor: www.ttforum.com Status: Vendor of ttForum was contacted but didn't reply Impact: Attacker can get Administrator-rights on forum Platforms: any Technical description: ---------------------- Everybo...
ttCMS/ttForum multiple bugs
SQL injection via username in Profile.php. PHP injection in News.php, install.php...
ttCMS 2.2/2.3 / ttForum 1.1 - 'index.php' Instant-Messages Preferences SQL Injection
source: https://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the Instant-Messages script distributed as part of the software. Due to insufficient sanitizing ...
ttCMS 2.22.3 ttForum 1.1 - index.php Instant-Messages Preferences SQL Injection
ttCMS 2.22.3 ttForum 1.1 - index.php Instant-Messages Preferences SQL Injection source: https://www.securityfocus.com/bid/7634/info A problem with ttCMS/ttForum could make it possible for a remote user to launch SQL injection attacks. It has been reported that a problem exists in the...
ttforum Multiple Vulnerabilities
The remote host is running ttforum. This set of CGI is vulnerable to various attacks which may allow an attacker to execute arbitrary code on this host or gain administrative privileges on this forum. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 9 May 2003 16:58:36 -0000 From:...
ttcms and ttforum exploits
hope this is the right place to send this exploit info, I found three diffrent exploits for a forum software / cms software: ------------------------------------------------------------------------------------------------------------------------------------------------ Affected Product: ttCMS or...
ttCMS 2.2 / ttForum 1.1 - 'news.php?template' Remote File Inclusion
source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for a remote attacker to include a...