20 matches found
EUVD-2010-3721
Malware in sbrugna...
EUVD-2010-3305
Malware in sbrugna...
CVE-2010-3742
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...
CVE-2010-3307
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 body, 2 footer, 3 header, 4 menuleft, or 5 menuright parameter...
Free Simple CMS Cross-Site Scripting Vulnerability
Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A cross-site scripting vulnerability exists in Free Simple CMS, which stems from the program's failure to adequately filter user-submitted input. When a user browses the...
Free Simple CMS Local File Inclusion Vulnerability
Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A local file inclusion vulnerability exists in Free Simple CMS, which stems from the program failing to adequately filter user-submitted input. An attacker can read and...
Free Simple CMS 1.0 - Multiple Vulnerabilities
No description provided by source...
HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS
Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...
Free Simple CMS 1.0 Cross Site Scripting / Local File Inclusion
Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...
Free Simple CMS 1.0 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripting, Local File...
Free Simple CMS 1.0 - Multiple Vulnerabilities
Free Simple CMS 1.0 - Multiple Vulnerabilities Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0...
Free Simple CMS 1.0 - Multiple Vulnerabilities
Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...
Multiple Vulnerabilities in Free Simple CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Free Simple CMS which could be exploited to perform cross-site scripting attacks and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in Free Simple CMS 1.1 The vulnerability exists due to input...
CVE-2010-3742
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...
CVE-2010-3307
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 body, 2 footer, 3 header, 4 menuleft, or 5 menuright parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 body, 2 footer, 3 header, 4 menuleft, or 5 menuright parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...
CVE-2010-3742
CVE-2010-3742 describes multiple PHP remote file inclusion vulnerabilities in Free Simple CMS 1.0, specifically in themes/default/index.php. The underlying issue allows an attacker to cause arbitrary PHP code execution by supplying a URL in the (1) meta or (2) phpincdir parameter, as reported (di...
CVE-2010-3307
CVE-2010-3307 involves multiple PHP remote file inclusion vulnerabilities in the Free Simple CMS 1.0 (and earlier). The issue arises in the themes/default/index.php file, where a URL provided in the following parameters can be used to include remote code: body, footer, header, menu_left, and menu...
[oCERT-2010-003] Free Simple CMS path sanitization errors
2010-003 Free Simple CMS path sanitization errors Description: Free Simple CMS, an open source content management system, suffers from remote file inclusion vulnerabilities. Insufficient path sanitization on several query string parameters leads to inclusion of arbitrary files from remote sources...