CVE-2018-12266

system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status code...

blog.studioview.org.ua XSS vulnerability

Vulnerable URL: http://blog.studioview.org.ua/404.php?msg=%22%3E%3Csvg/onload=confirm%28/xssposed/%29// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...

open-medium.CMS <= 0.25 (404.php) Remote File Include Vulnerability

No description provided by source. DEVIL TEAM THE BEST POLISH TEAM open-medium 0.25 - Content Management System - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl code...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

Ignition 1.3 - &#039;page.php&#039; Local File Inclusion

Ignition 1.3 page Local File Inclusion Vulnerability disclosed by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz note: 1. Magicquotesgpc should be turned off in order to exploit this vulnerability 2. LFI bugs found by me in previous version 1.2 are still...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to 1 404.php or 2 topbar.php, different vectors than CVE-2006-6368...

CVE-2007-3240

The CVE-2007-3240 entry concerns the WordPress Vistered-Little theme vulnerable in 404.php: XSS via the REQUEST_URI that accesses index.php, potentially allowing remote injection of script/HTML and, per notes, execution in an administrative session. The issue is actionable in the theme code and i...

Cross site scripting

Cross-site scripting XSS vulnerability in 404.php in Domain Technologie Control DTC before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO REQUESTURI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2007-3211

CVE-2007-3211 is a Cross-site scripting vulnerability affecting Domain Technologie Control (DTC) prior to 0.25.9. The issue occurs in 404.php, where input supplied via PATH_INFO (REQUEST_URI) is not properly sanitized, enabling remote attackers to inject arbitrary web script or HTML. Affected pro...

CVE-2007-3211

Cross-site scripting XSS vulnerability in 404.php in Domain Technologie Control DTC before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO REQUESTURI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

WordPress Vistered Little Theme - XSS

Because of this vulnerability in 404.php, the attackers can inject arbitrary web script or HTML via the URI REQUESTURI that accesses index.php. Solution Update the theme...

CVE-2007-1849

Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. dot dot in the dprivate parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version...

CVE-2007-1849

Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. dot dot in the dprivate parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version...

open-medium.CMS 0.25 - 404.php Remote File Inclusion

open-medium.CMS 0.25 - 404.php Remote File Inclusion DEVIL TEAM THE BEST POLISH TEAM open-medium 0.25 - Content Management System - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or...

open-medium.CMS &lt;= 0.25 (404.php) Remote File Include Vulnerability

No description provided by source. DEVIL TEAM THE BEST POLISH TEAM open-medium 0.25 - Content Management System - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl code...

open-medium.CMS 0.25 - &#039;404.php&#039; Remote File Inclusion

DEVIL TEAM THE BEST POLISH TEAM open-medium 0.25 - Content Management System - Remote File Include Vulnerabilities Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl code 404.php: ....... else // templates...