ID de Prueba:	1.3.6.1.4.1.25623.1.0.801391
Categoría:	Web application abuses
Título:	SimpNews Multiple Vulnerabilities
Resumen:	SimpNews is prone to multiple vulnerabilities.
Descripción:	Summary: SimpNews is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are exists due to: - An error 'news.php', allow remote attackers to inject arbitrary web scripts via the 'layout' and 'sortorder' parameters. - An error in 'news.php' allows remote attackers to obtain sensitive information via an invalid lang parameter, which reveals the installation path in an error message. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary web scripts and to obtain sensitive information. Affected Software/OS: SimpNews Version 2.47.03 and prior. Solution: Upgrade to the SimpNews version 2.48 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2858 BugTraq ID: 41517 http://www.securityfocus.com/bid/41517 Bugtraq: 20100709 Vulnerabilities in SimpNews (Google Search) http://www.securityfocus.com/archive/1/512271/100/0/threaded http://packetstormsecurity.org/1007-exploits/simpnews-xss.txt http://websecurity.com.ua/4245/ http://secunia.com/advisories/40501 XForce ISS Database: simpnews-news-xss(60244) https://exchange.xforce.ibmcloud.com/vulnerabilities/60244 Common Vulnerability Exposure (CVE) ID: CVE-2010-2859
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.