Lucene search
K

168 matches found

CVE
CVE
added 2022/02/01 6:36 p.m.45 views

CVE-2021-46093

CVE-2021-46093 details (connected documents): eliteCMS v1.0 is vulnerable to an insecure permissions/file upload issue via manage_uploads.php. Multiple sources describe a web content management platform (Elite Graphix Elite Cms) affected by a file upload vulnerability that, due to lack of proper ...

9.8CVSS9.3AI score0.01186EPSS
Exploits1References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.8 views

eliteCMS 1.0 'page' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30990/info eliteCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

elitecms 1.01 (sql/xss) Multiple Vulnerabilities

No description provided by source. eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to daganarus, dearest of all my friends. SQL injection requires magicquotes = off -/includes/functions.php --------------------------------- 89. function getpagesettings ... 92. $query = SELECT FROM...

7.1AI score
Exploits0
myhack58
myhack58
added 2012/11/16 12:0 a.m.14 views

eliteCMS installation file did not validate + the word written to the security vulnerability-vulnerability warning-the black bar safety net

eliteCMS installation program after the installation is not locked, cause hackers can access setup addresses repeat the installation 另外 一 个 漏洞 是 安装 程序 可以 直接 写 入 一句话 到 admin/includes/config.php We look at the code: ... elseif $GET'step' == "4" $file = "../admin/includes/config.php"; $write = "?...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2010/07/13 12:0 a.m.16 views

eliteCMS Multiple Cross Site Scripting Vulnerabilities

eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2010/07/13 12:0 a.m.15 views

eliteCMS Multiple Cross Site Scripting Vulnerabilities

eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7.2AI score
Exploits0References2
exploitpack
exploitpack
added 2010/07/10 12:0 a.m.11 views

eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities

eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41537/info eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/10 12:0 a.m.25 views

eliteCMS 1.01 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/41537/info eliteCMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script cod...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/05/05 12:0 a.m.26 views

eliteCMS 1.01 Cross Site Request Forgery

Vulnerability ID: HTB22355 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinelitecms.html Product: eliteCMS Vendor: Elite Graphix Vulnerable Version: 1.01 and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: CSRF Cross-Site Request Forgery Status: Not Fixed, Vend...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/05/05 12:0 a.m.22 views

eliteCMS Cross Site Scripting

Vulnerability ID: HTB22354 Reference: http://www.htbridge.ch/advisory/xssinelitecms.html Product: eliteCMS Vendor: Elite Graphix Vulnerable Version: 1.01 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2010/05/04 12:0 a.m.45 views

XSRF (CSRF) in eliteCMS

Vulnerability ID: HTB22355 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinelitecms.html Product: eliteCMS Vendor: Elite Graphix Vulnerable Version: 1.01 and Probably Prior Versions Vendor Notification: 19 April 2010 Vulnerability Type: CSRF Cross-Site Request Forgery Status: Not Fixed, Vend...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/05/04 12:0 a.m.41 views

XSS in eliteCMS

Vulnerability ID: HTB22354 Reference: http://www.htbridge.ch/advisory/xssinelitecms.html Product: eliteCMS Vendor: Elite Graphix Vulnerable Version: 1.01 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted,...

0.6AI score
Exploits0
htbridge
htbridge
added 2010/04/18 12:0 a.m.19 views

Cross-site Scripting Vulnerabilities in eliteCMS

High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in eliteCMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting XSS vulnerabilities in eliteCMS 1.1 An input sanitation error was found in the "page" parameter in...

4.3CVSS6.3AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2009/06/14 12:0 a.m.21 views

eliteCMS Detection

This host is running eliteCMS a free, PHP and MySQL driven Content Management System. OpenVAS Vulnerability Test $Id: eliteCMSdetect.nasl 5721 2017-03-24 14:42:01Z cfi $ eliteCMS Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free software; yo...

Exploits0References1
OpenVAS
OpenVAS
added 2009/06/14 12:0 a.m.26 views

eliteCMS multiple Vulnerabilities

eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...

7.5CVSS0.4AI score0.00973EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/06/14 12:0 a.m.7 views

eliteCMS Detection

This host is running eliteCMS a free, PHP and MySQL driven Content Management System. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/06/14 12:0 a.m.29 views

eliteCMS Multiple Vulnerabilities

eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...

7.5CVSS6.7AI score0.00973EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2009/06/03 12:0 a.m.18 views

eliteCMS 1.01 XSS / SQL Injection

eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to daganarus, dearest of all my friends. SQL injection requires magicquotes = off -/includes/functions.php --------------------------------- 89. function getpagesettings ... 92. $query = "SELECT FROM pages WHERE id = '$GET'page''"; 93...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2009/06/02 12:0 a.m.12 views

eliteCMS 1.01 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to daganarus, dearest of all my friends. SQL injection requires magicquotes = off -/includes/functions.php --------------------------------- 89. function getpagesettings ... 92. $query = "SELECT FROM...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/06/01 12:0 a.m.14 views

eliteCMS 1.01 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================= eliteCMS 1.01 SQL/XSS Multiple Remote Vulnerabilities ======================================================= eliteCMS 1.01 SQL/XSS Multiple Remote Vulns by xenohive greets to...

7.1AI score
Exploits0
Rows per page
Query Builder