162 matches found
CVE-2010-4663
Unspecified vulnerability in the News module in CMS Made Simple CMSMS before 1.9.1 has unknown impact and attack vectors...
DoceboLms 4.0.4 - Multiple Persistent Cross-Site Scripting Vulnerabilities
DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="authenticrequest" value="23dfee506a74...
CompactCMS 1.4.1 SQL Injection
Vulnerability ID: HTB22697 Reference: http://www.htbridge.ch/advisory/sqlinjectionincompactcms.html Product: CompactCMS Vendor: compactcms.nl http://www.compactcms.nl/ Vulnerable Version: 1.4.1 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...
CompactCMS 1.4.1 SQL Injection Vulnerability
Exploit for php platform in category web applications ============================================ CompactCMS 1.4.1 SQL Injection Vulnerability ============================================ Product: CompactCMS Vendor: compactcms.nl http://www.compactcms.nl/ Vulnerable Version: 1.4.1 Vendor...
Kayako eSupport 3.70.02 - SQL Injection
Kayako eSupport 3.70.02 - SQL Injection Name :Kayako eSupport v3.70.02 SQL Injection Vulnerability Date : july 17,2010 Critical Level : HIGH vendor URL :http://www.kayako.com/solutions/esupport/ google dork:Help Desk Software by Kayako SupportSuite v3.70.02 Author : Sid3^effects aKa HaRi special...
Kasseler CMS [Category] SQL Injection Vulnerabilities
No description provided by source. view source print? Kasseler CMS Category SQL Injection Vulnerabilities Author : Palyo34 Homepage : http://www.1923turk.com Script : www.kasseler-cms.net Vulnerable File index.php?module=News&do=Category&id= SQL XpL...
Kasseler CMS [Category] SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ===================================================== Kasseler CMS Category SQL Injection Vulnerabilities ===================================================== Author : Palyo34 Homepage : http://www.1923turk.com Script : www.kasseler-cms.n...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and che...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
Exploit for unknown platform in category web applications ======================================================== PHP-Nuke alert/XSS/.source 2. Html code injection : -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 0day.today 2018-03-19...
PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection
Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities
No description provided by source. Script Facil-CMS 0.1RC2 +download: http://sourceforge.net/project/platformdownload.php?groupid=217673 DORK inurl:modules.php?modload=News Copyright C 2008 by FacilCMS.org inurl: /facil-cms/ Author any.zicky Contact Me anydotzickyatgmaildotcom ; About Facil CMS i...
w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research...
w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
Exploit for unknown platform in category web applications ======================================================== w3bcms = v3.5.0 Multiple Remote Vulnerabilities Exploit ======================================================== !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST;...
w3bcms 3.5.0 SQL Injection
!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...
w3bcms 3.5.0 - Multiple Vulnerabilities
w3bcms 3.5.0 - Multiple Vulnerabilities !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security...
PHPX 3.5.16 - news_id SQL Injection
PHPX 3.5.16 - newsid SQL Injection action = $GET'action'; 12. $this-newsid = $GET'newsid'; 13. 14. global $userinfo; 15. global $core; 16. 17. $this-core = $core; 18. 19. $this-userinfo = $userinfo; 20. 21. 22. 23. 24. if !$this-userinfo DIE"HACK ATTEMPT"; 25. if $this-userinfonews != 1 DIE"NO...
CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via 1 the nid parameter to index.php in a View action to the News module; 2 the vid parameter to index.php in a Result action to the Voting module; 3 the fid parameter t...
Sql injection
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via 1 the nid parameter to index.php in a View action to the News module; 2 the vid parameter to index.php in a Result action to the Voting module; 3 the fid parameter t...
CVE-2008-4356
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via 1 the nid parameter to index.php in a View action to the News module; 2 the vid parameter to index.php in a Result action to the Voting module; 3 the fid parameter t...