282 matches found
CVE-2018-10227
MiniCMS v1.10 has XSS via the mc-admin/conf.php sitelink parameter...
CVE-2018-10227
CVE-2018-10227 affects MiniCMS v1.10. The vulnerability is an XSS flaw in the mc-admin/conf.php site_link parameter, allowing an attacker to inject script through that parameter to execute commands in the user context. No remediation details are provided in the supplied documents. Exploitation st...
MiniCMS 1.10 Cross Site Request Forgery
test document.forms0.submit;...
MiniCMS 1.10 - Cross-Site Request Forgery
MiniCMS 1.10 - Cross-Site Request Forgery test document.forms0.submit;...
MiniCMS 1.10 - Cross-Site Request Forgery
test document.forms0.submit;...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
Cross site request forgery (csrf)
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password...
CVE-2018-9092
MiniCMS 1.10 has a Cross-Site Request Forgery vulnerability in mc-admin/conf.php that can change the administrator password. Public details show CVE-2018-9092 with CVSS v2 base 6.8 (MEDIUM) and CVSS v3 base 8.8 (HIGH); attack vector NETWORK, authentication NONE, but user interaction is REQUIRED p...
miniCMS 1.0 & 2.0 - PHP Code Inject
No description provided by source...
CVE-2012-5231
miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted 1 pagename or 2 area variable containing an executable extension, which is not properly handled by a update.php when writing files to content/, or b updatenews.php when writing files to content/news/...
CVE-2012-5231
miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted 1 pagename or 2 area variable containing an executable extension, which is not properly handled by a update.php when writing files to content/, or b updatenews.php when writing files to content/news/...
CVE-2012-5231
CVE-2012-5231 affects miniCMS 1.0 and 2.0. The vulnerability arises from improper handling of an executable extension in user-controlled fields (pagename or area) when update.php writes to content/ and in updatenews.php when writing to content/news/. This results in remote attackers being able to...
CVE-2012-5231
miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted 1 pagename or 2 area variable containing an executable extension, which is not properly handled by a update.php when writing files to content/, or b updatenews.php when writing files to content/news/...
miniCMS Multiple Remote PHP Code Injection Vulnerabilities
miniCMS is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary PHP code because the application fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
miniCMS Multiple Remote PHP Code Injection Vulnerabilities
miniCMS is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary PHP code because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the underlying computer. miniCMS 1.0 and 2.0 are...
miniCMS 1.0 / 2.0 Code Execution
Title : miniCMS v1.0 : v2.0 php inject code Author : Or4nG.M4n Version : all version GDork : "This site is managed using MiniCMS©" Download : http://sourceforge.net/projects/mini-cms/files/mini-cms/ Thnks : +----------------------------------+ | xSs m4n i-Hmx h311 c0d3 | sp. Cyb3r-Crystal |...
miniCMS v1.0 => v2.0 Arbitrary File Upload
Exploit for php platform in category web applications Title : miniCMS v1.0 = v2.0 Arbitrary File Upload Author : Or4nG.M4n Version : all version GDork : "This site is managed using MiniCMSŠ" Download : http://sourceforge.net/projects/mini-cms/files/mini-cms/ Thnks :...