55 matches found
CVE-2015-2678
Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...
CVE-2015-2680
Cross-site request forgery CSRF vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php...
CVE-2015-2679
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...
CVE-2015-2680
CVE-2015-2680 is a CSRF flaw in MetalGenix GeniXCMS before 0.0.2 that lets an attacker hijack administrator access by adding an admin account via gxadmin/index.php. Red Hat and OSV records describe an incomplete fix (token-based CSRF protection not validated against an Admin session), leading to ...
CVE-2015-2679
CVE-2015-2679 affects MetalGenix GeniXCMS up to version 0.0.2. The issue is due to unsanitized inputs: the page parameter in index.php and the username parameter in gxadmin/login.php are used directly in SQL queries, enabling remote SQL injection. Exploits/public PoCs exist (e.g., Exploit-DB 3632...
CVE-2015-2678
MetalGenix GeniXCMS before 0.0.2 is affected by multiple cross-site scripting (XSS) flaws. The vulnerability stems from unsanitized input in the cat parameter on gxadmin/index.php (for the categories page) and the page parameter on index.php, enabling remote attackers to inject arbitrary script/H...
GeniXCMS 0.0.1 Cross Site Request Forgery
GeniXCMS v0.0.1 CSRF Add Admin Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to...
GeniXCMS 0.0.1 SQL Injection
GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...
GeniXCMS 0.0.1 Cross Site Scripting
GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
GeniXCMS 0.0.1 - Multiple Vulnerabilities GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...
GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit
Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed via the 'page'...
GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability
Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed to the 'cat' PO...
GeniXCMS v0.0.1 CSRF Add Admin Exploit
Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description The application allows users...