CVE-2025-66447

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

CVE-2025-66447 Chamilo LMS has validation-less redirect on login page

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

CVE-2025-66447 Chamilo LMS has validation-less redirect on login page

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

CVE-2025-66447

CVE-2025-66447 affects Chamilo LMS versions 1.11.0 through 2.0-beta.1, where an attacker can trigger a malicious redirect on the login page via the redirect parameter. The issue is addressed in 2.0-beta.2. Public sources (NVD/Red Hat/others) describe a login-page redirect vulnerability with a fix...

Chamilo LMS 输入验证错误漏洞

Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS from 1.11.0 to 2.0-beta.1 contain a vulnerability related to input validation errors. Th...

PT-2026-31998

Chamilo LMS is a learning management system. From 1.11.0 to 2.0-beta.1, anyone can trigger a malicious redirect through the use of the redirect parameter to /login. This vulnerability is fixed in 2.0-beta.2...

EUVD-2005-2300

Malware in sbrugna...

EUVD-2006-5064

Malware in sbrugna...

EUVD-2008-5915

Malware in sbrugna...

CVE-2021-43674

ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2021-43674

ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2021-43674

CVE-2021-43674 concerns ThinkUp 2.0-beta.10 and a vulnerability in Smarty.class.php that enables path traversal. The connected sources consistently identify this as a vulnerability affecting ThinkUp 2.0-beta.10 and note that it affects products no longer supported by the maintainer. No explicit e...

Sql injection

SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the searchterms parameter...

UPDATE: Prowler 2.0 Beta

PenTestIT RSS Feed My older post about Prowler was about a good NINE months ago. Since then, a lot has changed and hence, this post is about the recently released update made to the AWS CIS Benchmark tool – Prowler 2.0 Beta! This new beta version has lots of improvements which you shall read abou...

paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit

No description provided by source. ?php / ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+ +:+:+...

Nukeviet 2.0 'admin/login.php' Cookie Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30681/info Nukeviet is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this vulnerability to gain...

Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC

No description provided by source. !-- + Title: Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC + Version: 2.0 Beta 1.1 not tested with older versions + Note: No need administrator to be logged : + Tested on: Linux Ubuntu 11.04 Google Chrome but will work in any other OS + Download...

Bloggeruniverse 2.0 Beta - (editcomments.php id) SQL Injection Exploit

No description provided by source...

Feng Office 2.0 Beta 3 XSS / Privilege Escalation

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Author: Ur0b0r0x Tiwtte: @Ur0b0r0x Email: [email protected] Line: GreyHat Home: cyberpunk-ur0x.blogspot.com Exploit Title: Feng Office Version 2.0 Beta 3 -...

Trojan/Backdoor Detection - BACKDOOR SatansBackdoor.2.0.Beta

Binary data 6219.prm...