15 matches found
EUVD-2007-0567
Malware in sbrugna...
EUVD-2007-0628
Malware in sbrugna...
Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit
No description provided by source. r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com XNews Remote File Disclosure Exploit Software: Xnews 1.0.1 Vendor: http://xpression.hogsmeade-village.com/ Released: 2007/01/28 Discovered & Exploit By: r0ut3r writ3...
Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit
Exploit for unknown platform in category web applications ================================================================== Xpression News 1.0.1 archives.php Remote File Disclosure Exploit ================================================================== r0ut3r Presents... Another r0ut3r...
CVE-2007-0630
Multiple SQL injection vulnerabilities in the generatecsv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 from, and 3 q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this...
Sql injection
Multiple SQL injection vulnerabilities in the generatecsv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 from, and 3 q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this...
CVE-2007-0630
Multiple SQL injection vulnerabilities in the generatecsv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 from, and 3 q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this...
CVE-2007-0630
CVE-2007-0630 describes multiple SQL injection vulnerabilities in the generate_csv function of X-dev xNews 1.3 and earlier. The affected component is generate_csv in classes/class.news.php, with vulnerable parameters (id, from, q). The issue enables remote attackers to execute arbitrary SQL comma...
CVE-2007-0569
CVE-2007-0569 describes a SQL injection in the xNews.php component of xNews 1.3 that allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action. The vulnerability enables database query manipulation and potential data exposure or manipulation from unauthen...
CVE-2007-0569
SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action...
xNews 1.3 (xNews.php) Remote SQL Injection Vulnerability
No description provided by source. Title : xNews 1.3 xNews.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.x-dev.de $$ : Free SQL--------------------------------------------------------- http://target/path//xNews.php?act=shownews&id=SQL Example:...
xNews 1.3 (xNews.php) Remote Blind SQL Injection Vulnerability
Title : xNews 1.3 xNews.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.x-dev.de $$ : Free SQL--------------------------------------------------------- http://target/path//xNews.php?act=shownews&id=SQL Example:...
xNews 1.3 (xNews.php) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================== xNews 1.3 xNews.php Remote SQL Injection Vulnerability ======================================================== Title : xNews 1.3 xNews.php Remote Blind SQL Injection Vulnerability...
xNews 1.3 - xNews.php SQL Injection
xNews 1.3 - xNews.php SQL Injection Title : xNews 1.3 xNews.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.x-dev.de $$ : Free SQL--------------------------------------------------------- http://target/path//xNews.php?act=shownews&id=SQL Example:...
xNews 1.3 - 'xNews.php' SQL Injection
Title : xNews 1.3 xNews.php Remote Blind SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.x-dev.de $$ : Free SQL--------------------------------------------------------- http://target/path//xNews.php?act=shownews&id=SQL Example:...