EUVD-2006-1237

Malware in sbrugna...

WMNews 0 footer.php ctrrowcol Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17076/info WMNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

WMNews <= 0.2a (base_datapath) Remote Inclusion Vulnerability

No description provided by source. Advisory: WMNews Remote File Include Vulnerability Release Date: 2006/07/26 Author: uNfz Critical Level: High Contact: [email protected] Vendor: Warta Mikael -------------------- -------------------- Searching / Dork: allinurl: .php?Artid= allinurl: .php?ArtCat...

WMNews 0 wmcomments.php ArtID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17076/info WMNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

WMNews 0 wmview.php ArtCat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17076/info WMNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

WMNews index.php base_datapath Parameter PHP Code Execution - Ver2 (CVE-2006-3928)

A code execution vulnerability has been reported in WMNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

WMNews index.php base_datapath Parameter PHP Code Execution - Ver2 (CVE-2006-3928)

A code execution vulnerability has been reported in WMNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

WMNews Cross Site Scripting

======================================================================================== | Title : WMNews Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found : 1 | Hig...

WMNews - adminwmnews.php Cross-Site Scripting

WMNews - adminwmnews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/37600/info WMNews is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...

WMNews - &#039;/admin/wmnews.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/37600/info WMNews is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

CVE-2006-3928

PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the basedatapath parameter...

CVE-2006-3928

WMNews

WMNewsInclude.txt

Advisory: WMNews Remote File Include Vulnerability Release Date: 2006/07/26 Author: uNfz Critical Level: High Contact: [email protected] Vendor: Warta Mikael -------------------- -------------------- Searching / Dork: allinurl: .php?Artid= allinurl: .php?ArtCat= allinurl: wmprint.php allinurl:...

WMNews <= 0.2a (base_datapath) Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================= WMNews = 0.2a basedatapath Remote Inclusion Vulnerability ============================================================= Advisory: WMNews Remote File Include Vulnerability Releas...

WMNews 0.2a - base_datapath Remote File Inclusion

WMNews 0.2a - basedatapath Remote File Inclusion Advisory: WMNews Remote File Include Vulnerability Release Date: 2006/07/26 Author: uNfz Critical Level: High Contact: [email protected] Vendor: Warta Mikael -------------------- -------------------- Searching / Dork: allinurl: .php?Artid= allinur...

WMNews &lt;= 0.2a (base_datapath) Remote Inclusion Vulnerability

No description provided by source. Advisory: WMNews Remote File Include Vulnerability Release Date: 2006/07/26 Author: uNfz Critical Level: High Contact: [email protected] Vendor: Warta Mikael -------------------- -------------------- Searching / Dork: allinurl: .php?Artid= allinurl: .php?ArtCat...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the 1 ArtCat parameter to wmview.php, 2 ctrrowcol parameter to footer.php, or 3 ArtID parameter to wmcomments.php...

CVE-2006-1233

Multiple cross-site scripting XSS vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the 1 ArtCat parameter to wmview.php, 2 ctrrowcol parameter to footer.php, or 3 ArtID parameter to wmcomments.php...

CVE-2006-1233

Multiple cross-site scripting XSS vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the 1 ArtCat parameter to wmview.php, 2 ctrrowcol parameter to footer.php, or 3 ArtID parameter to wmcomments.php...

CVE-2006-1233

CVE-2006-1233 describes multiple cross-site scripting (XSS) vulnerabilities in WMNews. Affected components include wmview.php (ArtCat parameter), footer.php (ctrrowcol parameter), and wmcomments.php (ArtID parameter). The provided documents indicate that remote attackers can inject arbitrary web ...