
364 matches found

CNVD
added 2017/07/18 12:0 a.m. | 2 views

Blackcat CMS Cross-Site Scripting Vulnerability (CNVD-2017-24891)

BlackCat CMS is a content management system (CMS) based on PHP5 and HTML5 developed by the Black Cat team. A cross-site scripting vulnerability exists in Blackcat CMS version 1.2. A remote attacker can inject arbitrary web script or HTML by sending the 'maplanguage' parameter to the file...

5.4 CVSS | 5.2 AI score | 0.01159 EPSS
Exploits 2 | References 1
ATTACKERKB
added 2017/07/17 9:29 p.m. | 0 views

CVE-2017-9609

Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the maplanguage parameter to backend/pages/langsettings.php...

5.4 CVSS | 5.7 AI score | 0.01159 EPSS
Exploits 2 | References 4
CNVD
added 2017/05/25 12:0 a.m. | 1 views

XSS cross-site scripting vulnerability in the 'language' parameter of UFIDA U8+ system

UFIDA U8+ is business software that supports enterprise application deployment across multiple device types (PC, cell phone, tablet and others) and multiple mainstream systems (Windows, iOS, Android and others). An XSS cross-site scripting vulnerability exists in the 'language' parameter of the UFIDA...

6 AI score
Exploits 0
CNVD
added 2017/04/01 12:0 a.m. | 3 views

MODX Revolution 'setup/controllers/language.php' file HTTP response splitting vulnerability

MODX Revolution is a PHP-based open source content management system (CMS) from the U.S. company MODX. The system supports online collaboration, search engine optimization (SEO), add-ons and more. A security vulnerability exists in the setup/controllers/language.php file in MODX Revolution 2.5.4-pl a...

6.1 CVSS | 6.8 AI score | 0.0031 EPSS
Exploits 1 | References 1
NVD
added 2017/03/30 7:59 a.m. | 13 views

CVE-2017-7320

setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier does not properly constrain the language parameter, which allows remote attackers to conduct Cookie-Bombing attacks and cause a denial of service (cookie quota exhaustion), or conduct HTTP Response Splitting attacks with resulta...

6.1 CVSS | 6.3 AI score | 0.0031 EPSS
Exploits 1 | References 2
OSV
added 2017/03/30 7:59 a.m. | 17 views

CVE-2017-7320

setup/controllers/language.php in MODX Revolution 2.5.4-pl and earlier does not properly constrain the language parameter, which allows remote attackers to conduct Cookie-Bombing attacks and cause a denial of service (cookie quota exhaustion), or conduct HTTP Response Splitting attacks with resulta...

6.1 CVSS | 7 AI score
Exploits 0 | References 2
CVE
added 2017/03/30 7:0 a.m. | 47 views

CVE-2017-7320

MODX Revolution 2.5.4-pl and earlier are affected by a vulnerability in setup/controllers/language.php where the language parameter is not properly constrained. An attacker can supply an invalid value to trigger a Cookie-Bombing denial of service (cookie quota exhaustion) and can also perform HTT...

6.1 CVSS | 6.4 AI score | 0.0031 EPSS
Exploits 1 | References 2 | Affected Software 1
CNVD
added 2016/03/18 12:0 a.m. | 1 views

Websitebaker SQL Injection Vulnerability (CNVD-2016-01767)

Websitebaker is an open source content management system (CMS). Websitebaker suffers from a SQL injection vulnerability. Due to the failure of the PHP script to filter user-supplied data via the "language" HTTP POST parameter passed to "/account/preferences.php", a remotely authenticated attacker...

8.4 AI score
Exploits 0 | References 1
0day.today
added 2015/12/23 12:0 a.m. | 29 views

Bigware Shop 2.3.01 - Multiple Local File Inclusion

Exploit for php platform in category web applications Title: Bigware Shop 2.3.01 Multiple Local File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Vendor: http://www.bigware.de Download:...

7.1 AI score
Exploits 0
Patchstack
added 2015/07/07 12:0 a.m. | 9 views

WordPress Booking System Plugin <= 2.0 - Blind SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands via the "language" parameter. Solution: Update the plugin...

6.4 AI score
Exploits 0 | References 1 | Affected Software 1
CNVD
added 2015/06/01 12:0 a.m. | 4 views

AVM Fritz!Box Arbitrary Command Execution Vulnerability

AVM Fritz!Box is a router product from the German company AVM. The AVM Fritz!Box cgi-bin/webcm URI fails to adequately filter shell metacharacters in the 'var:lang' parameter, presenting an arbitrary command execution vulnerability that could be exploited by a remote attacker to submit a special...

10 CVSS | 7.8 AI score | 0.87766 EPSS
Exploits 2 | References 1
Packet Storm
added 2015/03/02 12:0 a.m. | 60 views

Seagate Business NAS Unauthenticated Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit4 'Seagate Business NAS Unauthenticated Remote Command Execution', 'Description' = %q Some Seagate Business NA...

6.8 CVSS | 0.7 AI score | 0.49871 EPSS
Exploits 8
Metasploit
added 2015/03/01 3:25 a.m. | 50 views

Seagate Business NAS Unauthenticated Remote Command Execution

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open ...

9.8 CVSS | 9.5 AI score | 0.49871 EPSS
Exploits 8
seebug.org
added 2014/07/01 12:0 a.m. | 14 views

php_news 2.0 admin/news.php language Parameter Remote File Inclusion

No description provided by source...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 9 views

Dokeos 2.2 RC2 (index.php, language param) - SQL Injection

No description provided by source. Verification link: http://host/index.php?language=0%27%20UNION%20SELECT%201,2,3,4,version %28%29,6,7,8%20--%202...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

php_news 2.0 admin/catagory.php language Parameter Remote File Inclusion

No description provided by source...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 15 views

Phreebooks 2.0 - Local File Inclusion

Affected file: /index.php php //initialize our variables, set module to login if not logged in require'includes/applicationtop.php'; Before code processing begins, includes/applicationtop.php is loaded to perform some initialization. Affected file: /includes/applicationtop.php, lines 131-140 php // set the language if isset$GET'language' $SESSION'language' =...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 9 views

Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/30731/info Freeway is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view...

7.1 AI score
Exploits 0
Check Point Advisories
added 2014/02/03 12:0 a.m. | 3 views

Comet WebFileManager CheckUpload.php Language Parameter PHP Code Execution - Ver2 (CVE-2006-4077)

A code execution vulnerability has been reported in Vincenzo Valvano Comet WebFileManager (CWFM). Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5 AI score | 0.06768 EPSS
Exploits 1
Check Point Advisories
added 2014/01/07 12:0 a.m. | 2 views

Comet WebFileManager CheckUpload.php Language Parameter PHP Code Execution - Ver2 (CVE-2006-4077)

A code execution vulnerability has been reported in Vincenzo Valvano Comet WebFileManager (CWFM). Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5 CVSS | 5 AI score | 0.06768 EPSS
Exploits 1