Lucene search
K

55 matches found

cvelist
cvelist
added 2015/03/23 4:0 p.m.23 views

CVE-2015-2678

Multiple cross-site scripting XSS vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 cat parameter in the categories page to gxadmin/index.php or 2 page parameter to index.php...

5.8AI score0.05358EPSS
Exploits2References8
cvelist
cvelist
added 2015/03/23 4:0 p.m.27 views

CVE-2015-2680

Cross-site request forgery CSRF vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php...

8.8AI score0.03907EPSS
Exploits2References9
cvelist
cvelist
added 2015/03/23 4:0 p.m.24 views

CVE-2015-2679

Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...

8.5AI score0.05575EPSS
Exploits2References10
cve
cve
added 2015/03/23 4:0 p.m.46 views

CVE-2015-2680

CVE-2015-2680 is a CSRF flaw in MetalGenix GeniXCMS before 0.0.2 that lets an attacker hijack administrator access by adding an admin account via gxadmin/index.php. Red Hat and OSV records describe an incomplete fix (token-based CSRF protection not validated against an Admin session), leading to ...

6.8CVSS8.7AI score0.03907EPSS
Exploits2References9Affected Software1
cve
cve
added 2015/03/23 4:0 p.m.66 views

CVE-2015-2679

CVE-2015-2679 affects MetalGenix GeniXCMS up to version 0.0.2. The issue is due to unsanitized inputs: the page parameter in index.php and the username parameter in gxadmin/login.php are used directly in SQL queries, enabling remote SQL injection. Exploits/public PoCs exist (e.g., Exploit-DB 3632...

7.5CVSS8.8AI score0.05575EPSS
Exploits2References10Affected Software1
cve
cve
added 2015/03/23 4:0 p.m.52 views

CVE-2015-2678

MetalGenix GeniXCMS before 0.0.2 is affected by multiple cross-site scripting (XSS) flaws. The vulnerability stems from unsanitized input in the cat parameter on gxadmin/index.php (for the categories page) and the page parameter on index.php, enabling remote attackers to inject arbitrary script/H...

4.3CVSS5.9AI score0.05358EPSS
Exploits2References8Affected Software1
packetstorm
packetstorm
added 2015/03/11 12:0 a.m.26 views

GeniXCMS 0.0.1 Cross Site Request Forgery

GeniXCMS v0.0.1 CSRF Add Admin Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to...

0.3AI score
Exploits0
packetstorm
packetstorm
added 2015/03/11 12:0 a.m.25 views

GeniXCMS 0.0.1 SQL Injection

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...

0.3AI score
Exploits0
packetstorm
packetstorm
added 2015/03/11 12:0 a.m.24 views

GeniXCMS 0.0.1 Cross Site Scripting

GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/03/10 12:0 a.m.13 views

GeniXCMS 0.0.1 - Multiple Vulnerabilities

GeniXCMS 0.0.1 - Multiple Vulnerabilities GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight...

0.3AI score
Exploits0
zdt
zdt
added 2015/03/10 12:0 a.m.21 views

GeniXCMS 0.0.1 - Multiple Vulnerabilities

Exploit for php platform in category web applications GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2015/03/10 12:0 a.m.28 views

GeniXCMS 0.0.1 - Multiple Vulnerabilities

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...

7.4AI score
Exploits0
zeroscience
zeroscience
added 2015/03/10 12:0 a.m.47 views

GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed via the 'page'...

7.5CVSS6AI score0.05575EPSS
Exploits2
zeroscience
zeroscience
added 2015/03/10 12:0 a.m.147 views

GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed to the 'cat' PO...

4.3CVSS6.1AI score0.05358EPSS
Exploits2
zeroscience
zeroscience
added 2015/03/10 12:0 a.m.67 views

GeniXCMS v0.0.1 CSRF Add Admin Exploit

Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description The application allows users...

6.8CVSS7.3AI score0.03907EPSS
Exploits2
Rows per page
Query Builder