Search criteria
6 vulnerabilities found for adbnewssender by adbnewssender
CVE-2009-2449 (GCVE-0-2009-2449)
Vulnerability from nvd – Published: 2009-07-13 17:00 – Updated: 2024-08-07 05:52
VLAI
Summary
Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://sourceforge.net/apps/mantisbt/adbnewssende… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/35596 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/35845 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-07-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-07-22T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=694644",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"name": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2449",
"datePublished": "2009-07-13T17:00:00.000Z",
"dateReserved": "2009-07-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:52:14.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2444 (GCVE-0-2009-2444)
Vulnerability from nvd – Published: 2009-07-13 14:00 – Updated: 2024-08-07 05:52
VLAI
Summary
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://r00tsecurity.org/forums/index.php?showtopic=9460 | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2009/1808 | vdb-entryx_refsource_VUPEN |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://sourceforge.net/apps/mantisbt/adbnewssende… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/35596 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/35845 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-07-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://r00tsecurity.org/forums/index.php?showtopic=9460",
"refsource": "MISC",
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=694644",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"name": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2444",
"datePublished": "2009-07-13T14:00:00.000Z",
"dateReserved": "2009-07-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:52:14.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6047 (GCVE-0-2008-6047)
Vulnerability from nvd – Published: 2009-02-04 15:10 – Updated: 2024-09-17 02:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/32903 | vdb-entryx_refsource_BID |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://secunia.com/advisories/33224 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:13:14.111Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32903"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33224"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-04T15:10:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32903"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33224"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32903"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=647876",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33224"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6047",
"datePublished": "2009-02-04T15:10:00.000Z",
"dateReserved": "2009-02-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:05:48.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2449 (GCVE-0-2009-2449)
Vulnerability from cvelistv5 – Published: 2009-07-13 17:00 – Updated: 2024-08-07 05:52
VLAI
Summary
Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://sourceforge.net/apps/mantisbt/adbnewssende… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/35596 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/35845 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-07-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.727Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-07-22T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in maillinglist/admin/change_config.php in ADbNewsSender before 1.5.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=694644",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"name": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "35845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2449",
"datePublished": "2009-07-13T17:00:00.000Z",
"dateReserved": "2009-07-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:52:14.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2444 (GCVE-0-2009-2444)
Vulnerability from cvelistv5 – Published: 2009-07-13 14:00 – Updated: 2024-08-07 05:52
VLAI
Summary
Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://r00tsecurity.org/forums/index.php?showtopic=9460 | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2009/1808 | vdb-entryx_refsource_VUPEN |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://sourceforge.net/apps/mantisbt/adbnewssende… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/35596 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/35845 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-07-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:52:14.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in maillinglist/setup/step1.php.inc in ADbNewsSender before 1.5.6, and 2.0 before RC2, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path_to_lang parameter to setup/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://r00tsecurity.org/forums/index.php?showtopic=9460",
"refsource": "MISC",
"url": "http://r00tsecurity.org/forums/index.php?showtopic=9460"
},
{
"name": "ADV-2009-1808",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1808"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=694644",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=694644"
},
{
"name": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/apps/mantisbt/adbnewssender/view.php?id=22"
},
{
"name": "35596",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35596"
},
{
"name": "adbnewssender-step1-file-include(51720)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51720"
},
{
"name": "35845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2444",
"datePublished": "2009-07-13T14:00:00.000Z",
"dateReserved": "2009-07-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:52:14.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6047 (GCVE-0-2008-6047)
Vulnerability from cvelistv5 – Published: 2009-02-04 15:10 – Updated: 2024-09-17 02:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/32903 | vdb-entryx_refsource_BID |
| http://sourceforge.net/project/shownotes.php?rele… | x_refsource_CONFIRM |
| http://secunia.com/advisories/33224 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:13:14.111Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32903"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33224"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-04T15:10:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32903"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33224"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32903"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=647876",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=647876"
},
{
"name": "33224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33224"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6047",
"datePublished": "2009-02-04T15:10:00.000Z",
"dateReserved": "2009-02-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:05:48.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}