60 matches found
Sql injection
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action...
CVE-2010-1093
CVE-2010-1093 details (MODE C): Affected product: 1024 CMS 2.1.1. The vulnerability is a SQL injection in rss.php when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands via the id parameter in a vp action. This is the explicit root cause described in connec...
CVE-2010-1093
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action...
1024 CMS 1.4.4 RFI / Command Execution
!/usr/bin/perl 1024 CMS = 1.4.4 Remote Command Execution with RFI c99 Exploit download: http://www.trebledesigns.com/1024cms.zip Author: JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com/ team: Spanish Hackers Team - SHT Hack0wn Security Project!! This was written for educational...
1024 CMS 1.4.4 - Remote Command Execution Remote File Inclusion
1024 CMS 1.4.4 - Remote Command Execution Remote File Inclusion !/usr/bin/perl 1024 CMS = 1.4.4 Remote Command Execution with RFI c99 Exploit download: http://www.trebledesigns.com/1024cms.zip Author: JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com/ team: Spanish Hackers Team -...
1024 CMS <= 1.4.4 Remote Command Execution with RFI (c99) Exploit
Exploit for unknown platform in category web applications ================================================================= 1024 CMS = 1.4.4 Remote Command Execution with RFI c99 Exploit ================================================================= !/usr/bin/perl 1024 CMS = 1.4.4 Remote Comma...
1024 CMS 1.4.4 - Remote Command Execution / Remote File Inclusion
!/usr/bin/perl 1024 CMS = 1.4.4 Remote Command Execution with RFI c99 Exploit download: http://www.trebledesigns.com/1024cms.zip Author: JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com/ team: Spanish Hackers Team - SHT Hack0wn Security Project!! This was written for educational...
DSECRG-08-027.txt
Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second report: 27.06.2008 Vendor Response: NONE Solution: NONE Dat...
1024 CMS <= 1.4.4 Multiple Remote/Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/...
1024 CMS <= 1.4.4 Multiple Remote/Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ====================================================================== 1024 CMS ?php if!isset$pageinclude if$pageck'custom...
[DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC
Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second report: 27.06.2008 Vendor Response: NONE Solution: NONE Dat...
1024 CMS 1.4.4 - Multiple LocalRemote File Inclusions
1024 CMS 1.4.4 - Multiple LocalRemote File Inclusions Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second repor...
1024 CMS 1.4.4 - Multiple Local/Remote File Inclusions
Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second report: 27.06.2008 Vendor Response: NONE Solution: NONE Dat...
Sql injection
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie...
CVE-2008-1911
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie...
CVE-2008-1911
The CVE-2008-1911 entry concerns a SQL injection in 1024 CMS (version 1.4.2 beta and earlier) inside includes/system.php. The root cause is the vulnerability being exploitable when magic_quotes_gpc is disabled, allowing remote attackers to inject and execute arbitrary SQL via a cookpass cookie. I...
CVE-2008-1911
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie...
1024cms-lfisql.txt
Author: GiReX mySite: girex.altervista.org Date: 13/04/2008 CMS: 1024 CMS = 1.4.1 and 1.4.2 beta Site: 1024cms.com Bug1: Local File Inclusion Need: magicquotesgpc = Off / registerglobals = On Bug2: Cookie Blind SQL Injection Exploit: Admin Hash Retrieve Exploit Need: magicquotesgpc = Off Bug1: Vu...
Directory traversal
Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the lang parameter to pages/print/default/ops/news.php or 2 the themedir parameter to pages/download/default/ops/search.php; or the adminthemedi...
CVE-2007-6583
SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter...