Lucene search
+L

197 matches found

Vulnerability Lab
Vulnerability Lab
added 2012/01/18 12:0 a.m.27 views

Engine by Avatarus Simple CMS - SQL Injection Vulnerability

Document Title: =============== Engine by Avatarus Simple CMS - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=388 Release Date: ============= 2012-01-18 Vulnerability Laboratory ID VL-ID: ====================================...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2011/06/17 12:0 a.m.55 views

HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS

Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/06/16 12:0 a.m.22 views

Free Simple CMS 1.0 Cross Site Scripting / Local File Inclusion

Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...

0.1AI score
Exploits0
0day.today
0day.today
added 2011/06/15 12:0 a.m.20 views

Free Simple CMS 1.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability Type: XSS Cross Site Scripting, Local File...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/06/15 12:0 a.m.20 views

Free Simple CMS 1.0 - Multiple Vulnerabilities

Free Simple CMS 1.0 - Multiple Vulnerabilities Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2011/06/15 12:0 a.m.21 views

Free Simple CMS 1.0 - Multiple Vulnerabilities

Vulnerability ID: HTB23010 Reference: http://www.htbridge.ch/advisory/multiplexssinfreesimplecms.html Product: Free Simple CMS Vendor: Dustin Cowell Enterprises http://www.freesimplesoft.com/ Vulnerable Version: 1.0 and probably prior Tested on: 1.0 Vendor Notification: 25 May 2011 Vulnerability...

7AI score
Exploits0
htbridge
htbridge
added 2011/05/25 12:0 a.m.24 views

Multiple Vulnerabilities in Free Simple CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Free Simple CMS which could be exploited to perform cross-site scripting attacks and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in Free Simple CMS 1.1 The vulnerability exists due to input...

7.6CVSS6.5AI score
Exploits0Affected Software1
NVD
NVD
added 2010/10/05 6:0 p.m.15 views

CVE-2010-3742

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...

7.5CVSS7.5AI score0.02581EPSS
Exploits1References4
NVD
NVD
added 2010/10/05 6:0 p.m.20 views

CVE-2010-3307

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 body, 2 footer, 3 header, 4 menuleft, or 5 menuright parameter...

7.5CVSS7.5AI score0.02573EPSS
Exploits4References4
Prion
Prion
added 2010/10/05 6:0 p.m.18 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 body, 2 footer, 3 header, 4 menuleft, or 5 menuright parameter...

7.5CVSS7.8AI score0.02573EPSS
Exploits4References4Affected Software1
Prion
Prion
added 2010/10/05 6:0 p.m.20 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...

7.5CVSS8.1AI score0.02581EPSS
Exploits5References4Affected Software1
CVE
CVE
added 2010/10/05 5:0 p.m.50 views

CVE-2010-3742

CVE-2010-3742 describes multiple PHP remote file inclusion vulnerabilities in Free Simple CMS 1.0, specifically in themes/default/index.php. The underlying issue allows an attacker to cause arbitrary PHP code execution by supplying a URL in the (1) meta or (2) phpincdir parameter, as reported (di...

7.5CVSS7.6AI score0.02581EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2010/10/05 5:0 p.m.50 views

CVE-2010-3307

CVE-2010-3307 involves multiple PHP remote file inclusion vulnerabilities in the Free Simple CMS 1.0 (and earlier). The issue arises in the themes/default/index.php file, where a URL provided in the following parameters can be used to include remote code: body, footer, header, menu_left, and menu...

7.5CVSS7.6AI score0.02573EPSS
Exploits4References4Affected Software1
securityvulns
securityvulns
added 2010/09/20 12:0 a.m.105 views

[oCERT-2010-003] Free Simple CMS path sanitization errors

2010-003 Free Simple CMS path sanitization errors Description: Free Simple CMS, an open source content management system, suffers from remote file inclusion vulnerabilities. Insufficient path sanitization on several query string parameters leads to inclusion of arbitrary files from remote sources...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2009/08/26 12:0 a.m.17 views

Simple CMS Framework 1.0 - page SQL Injection

Simple CMS Framework 1.0 - page SQL Injection ============================================================================== Hackteach.OrG / / / || |/ | / | | / | / / / | / / | / / / / | / | | / / / /| | / /\ // ============================================================================== »...

1.1AI score
Exploits0
0day.today
0day.today
added 2009/07/30 12:0 a.m.12 views

Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion Vuln

Exploit for unknown platform in category web applications ============================================================================== Really Simple CMS 0.3a pagecontent.php PT Local File Inclusion Vulnerability ============================================================================== +...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/07/30 12:0 a.m.30 views

Really Simple CMS 0.3a - 'PT' Local File Inclusion

Really Simple CMS 0.3a pagecontent.php PT Local File Inclusion Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/rscms/ + Local File Inclusion - Vulnerable code in plugings/pagecontent.php...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/11/30 12:0 a.m.24 views

CMS Made Simple 1.4.1 Local File Inclusion Vulnerability

No description provided by source. Type: Directory Traversal vulnerability Unix tested / Root privileges escalation Vendor: CMS Made Simple Software: CMS Made Simple 1.4.1 "Spring Garden" and probably others ... Author: M4ck-h@cK Date 29.11.2008 Home: sweet home contact: no, thx : Exploit: Demo: ...

7.1AI score
Exploits0
NVD
NVD
added 2008/11/13 11:30 a.m.16 views

CVE-2008-5058

SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information...

7.5CVSS8.3AI score0.02372EPSS
Exploits0References6
Prion
Prion
added 2008/11/13 11:30 a.m.12 views

Sql injection

SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. NOTE: some of these details are obtained from third party information...

7.5CVSS9AI score0.02372EPSS
Exploits0References6
Rows per page
Query Builder