Lucene search
K

128 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

GetSimple CMS 2.01 and 2.02 Administrative Credentials Disclosure

No description provided by source. Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/05/08 12:0 a.m.19 views

CMS Touch 2.01 Cross Site Scripting / SQL Injection

cms touch V2.01 Sql Vulnerability ================================= Author : indoushka vendor : http://cmstouch.com ================================= Dork : powered by cmstouch نظام تاتش لإدارة المواقع الإلكترونية النسخة 2.01 http://alfarrajsite.com/cmstouch/pages.php?PageID=28 inject here...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2014/05/08 12:0 a.m.24 views

CMS Touch - 'pages.php?Page_ID' SQL Injection

source: https://www.securityfocus.com/bid/67377/info CMS Touch is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Successful exploits could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit...

7.4AI score
Exploits0
Prion
Prion
added 2013/01/31 5:44 a.m.21 views

Directory traversal

Directory traversal vulnerability in the getContent function in codes/wcms.php in w-CMS 2.01 allows remote attackers to read arbitrary files via a .. dot dot in the p parameter. NOTE: some of these details are obtained from third party information...

5CVSS7.2AI score0.04042EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2013/01/31 5:44 a.m.23 views

CVE-2012-6523

Multiple cross-site scripting XSS vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via 1 the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in 2 blog.php, 3 guestbook.php, or 4 forum.php in codes/. NOTE: some of these...

4.3CVSS5.8AI score0.01879EPSS
Exploits1References7
Prion
Prion
added 2013/01/31 5:44 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via 1 the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in 2 blog.php, 3 guestbook.php, or 4 forum.php in codes/. NOTE: some of these...

4.3CVSS6.1AI score0.01879EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2013/01/31 2:0 a.m.25 views

CVE-2012-6523

Multiple cross-site scripting XSS vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via 1 the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in 2 blog.php, 3 guestbook.php, or 4 forum.php in codes/. NOTE: some of these...

5.8AI score0.01879EPSS
Exploits1References7
CVE
CVE
added 2013/01/31 2:0 a.m.54 views

CVE-2012-6523

CVE-2012-6523 describes multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01. The flaws allow remote attackers to inject arbitrary web script or HTML via: (1) the p parameter in the getMenus function in codes/wcms.php; and (2) the COMMENT parameter in blog.php, guestbook.php, or foru...

4.3CVSS5.9AI score0.01879EPSS
Exploits1References7Affected Software1
Packet Storm
Packet Storm
added 2012/01/10 12:0 a.m.16 views

W-CMS 2.01 Cross Site Scripting / Directory Traversal

Exploit Title: W-Cms Multiple Vulnerability Date: 2012-01-09 Author: th3.g4m30v3r Site:http://w-cms.info/ Software Link: http://code.google.com/p/wcms/ Dork: intext:"Powered by w-CMS" Version : 2.01 Tested on: Window 7 Yogesh Kashyap, shubneet goel, w4rl0ck.d0wn, Chip, VzAcnY, Razzy, Sayan, Jaggi...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2011/11/23 1:0 a.m.24 views

CVE-2010-5052

Cross-site scripting XSS vulnerability in admin/components.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the val parameter...

5.7AI score0.02987EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/10/05 10:0 a.m.24 views

CVE-2010-4863

Cross-site scripting XSS vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter...

5.7AI score0.03336EPSS
Exploits1References6
CVE
CVE
added 2011/10/05 10:0 a.m.59 views

CVE-2010-4863

GetSimple CMS 2.01 is affected by a Cross-site Scripting (XSS) vulnerability in admin/changedata.php via the post-title parameter. The root cause is an input sanitation error that allows remote attackers to inject arbitrary HTML/JS into a user’s browser. The CVE entry CVE-2010-4863 documents this...

4.3CVSS5.8AI score0.03336EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2011/09/08 12:0 a.m.12 views

WordPress Plugin Paid Downloads 2.01 - SQL Injection

WordPress Plugin Paid Downloads 2.01 - SQL Injection Exploit Title: WordPress Paid Downloads plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $downloadkey = $GET"downloadkey"; $sql = "SELECT FROM ".$wpdb-prefix."pddownloadlinks WHERE...

0.7AI score
Exploits0
0day.today
0day.today
added 2011/09/07 12:0 a.m.15 views

WordPress Paid Downloads plugin <= 2.01 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Paid Downloads plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $downloadkey = $GET"downloadkey"; $sql = "SELECT FROM ".$wpdb-prefix."pddownloadlinks WHERE...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/02/21 12:0 a.m.29 views

JAKCMS <= v2.01 RC1 Blind SQL Injection Exploit

Exploit for php platform in category web applications !/usr/bin/python jakCMS = v2.01 RC1 Blind SQL Injection Exploit Understanding: The parameters 'JAKCOOKIENAME' and 'JAKCOOKIEPASS' are parsed via cookies to the application and are unchecked for malicious characters. The contents of these...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/11/30 12:0 a.m.14 views

GetSimple CMS < 2.03 Administrative Credentials Disclosure Vulnerability

GetSimple CMS is prone to an administrative credentials disclosure vulnerability. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

7.2AI score
Exploits0References1
exploitpack
exploitpack
added 2010/09/29 12:0 a.m.12 views

Getsimple CMS 2.01 - changedata.php Cross-Site Scripting

Getsimple CMS 2.01 - changedata.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43593/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/13 12:0 a.m.19 views

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF - Change Admin Password -= CSRF PoC 2 - Delete Page =- -= CSRF PoC 3 - Delete All Backup...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/12 12:0 a.m.18 views

Getsimple CMS 2.01 - Multiple Vulnerabilities

Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF - Change Admin Password -= CSRF PoC 2 - Delete Page =- -= CSRF PoC 3 - Delete All Backup...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2010/05/25 12:0 a.m.20 views

openMairie openCimetiere Multiple File Inclusion Vulnerabilities

This host is running openMairie openCimetiere and is prone to multiple file inclusion vulnerabilities. OpenVAS Vulnerability Test $Id: secpodopenmairieopencimetieremultfileinclvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ openMairie openCimetiere Multiple File Inclusion Vulnerabilities Authors:...

6.8CVSS0.2AI score0.05832EPSS
Exploits1References3
Rows per page
Query Builder