21 matches found
EUVD-2003-1078
Malware in sbrugna...
EUVD-2005-2653
Malware in sbrugna...
EUVD-2005-0676
Malware in sbrugna...
EUVD-2006-5416
Malware in sbrugna...
EUVD-2005-0677
Malware in sbrugna...
PHPOutsourcing Zorum 3.5 Prod.PHP Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access i...
CVE-2006-5431
PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHPOutsourcing Zorum 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appDirName parameter...
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20606/info Zorum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the...
CVE-2005-2652
Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to 1 gorum/notification.php, 2 user.php, 3 attach.php, 4 blacklist.php, 5 zorum/forum.php, 6 globalstat.php, 7 gorum/trace.php, 8 gorum/badwords.php, or 9 gorum/flood.php...
CVE-2005-2651
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter...
CVE-2005-2651
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter...
CVE-2005-2652
Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to 1 gorum/notification.php, 2 user.php, 3 attach.php, 4 blacklist.php, 5 zorum/forum.php, 6 globalstat.php, 7 gorum/trace.php, 8 gorum/badwords.php, or 9 gorum/flood.php...
CVE-2005-2652
CVE-2005-2652 affects Zorum 3.5. The vulnerability permits remote attackers to obtain the full installation path by directly requesting any of these pages: gorum/notification.php, user.php, attach.php, blacklist.php, zorum/forum.php, globalstat.php, gorum/trace.php, gorum/badwords.php, or gorum/f...
PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution
PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitat...
PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access in the context of the Web server to...
CVE-2005-0676
index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability...
CVE-2005-0675
Cross-site scripting XSS vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the 1 list or 2 frommethod parameters...
CVE-2005-0677
index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter...
CVE-2005-0676
index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability...
CVE-2005-0677
CVE-2005-0677 affects Zorum 3.5 where the file index.php allows remote attackers to perform certain actions as other users by modifying the id parameter. The underlying issue is parameter manipulation that enables privilege escalation within the application, leading to actions executed with anoth...