EUVD-2011-5202

Malware in sbrugna...

CVE-2022-47083

A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

Spitfire CMS 1.0.475 - PHP Object Injection

Exploit Title: Spitfire CMS 1.0.475 - PHP Object Injection Exploit Author: LiquidWorm Vendor: Claus Muus Product web page: http://spitfire.clausmuus.de Affected version: 1.0.475 Summary: Spitfire is a system to manage the content of webpages. Desc: The application is prone to a PHP Object Injecti...

CVE-2022-47083

A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...

CVE-2022-47083

A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...

Design/Logic Flaw

A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...

Spitfire CMS 代码问题漏洞

Spitfire CMS is a system used to maintain the content of a website without handling the details of creating the website. A code issue vulnerability exists in Spitfire CMS version 1.0.475, which stems from its unsafe use of the unserialize function allowing attackers to implement PHP object...

CVE-2022-47083

A PHP Object Injection vulnerability in the unserialize function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application...

CVE-2022-47083

CVE-2022-47083 affects Spitfire CMS 1.0.475 and is a PHP Object Injection via unsafe use of unserialize(), enabling authenticated attackers to execute arbitrary code by sending crafted requests. Concrete details from multiple sources cite the vulnerability in the cms_backup_values handling (e.g.,...

PT-2023-15157 · Unknown · Spitfire Cms

Name of the Vulnerable Software and Affected Versions: Spitfire CMS version 1.0.475 Description: A PHP Object Injection issue in the unserialize function allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application. Recommendations: For Spitfire CMS...

Spitfire CMS 1.0.475 PHP Object Injection

Spitfire CMS 1.0.475 cmsbackupvalues PHP Object Injection Vendor: Claus Muus Product web page: http://spitfire.clausmuus.de Affected version: 1.0.475 Summary: Spitfire is a system to manage the content of webpages. Desc: The application is prone to a PHP Object Injection vulnerability due to the...

Spitfire CMS 1.0.475 PHP Object Injection Vulnerability

Spitfire CMS version 1.0.475 is prone to a PHP object injection vulnerability due to the unsafe use of unserialize function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input...

Spitfire CMS 1.0.475 (cms_backup_values) PHP Object Injection

Summary Spitfire is a system to manage the content of webpages. Description The application is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests t...

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

Cross site scripting

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

CVE-2011-5303

Cross-site scripting XSS vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject arbitrary web script or HTML via a cmsusername cookie...

CVE-2011-5303

CVE-2011-5303 affects Spitfire CMS 1.0.436 with a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the cms_username cookie. Root cause: XSS in handling the cms_username parameter. The connected records corroborate the vulnerability across mul...

Spitfire CMS 1.1.4 - Cross-Site Request Forgery

Spitfire CMS 1.1.4 - Cross-Site Request Forgery Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://spitfire.clausmuus.de/...

Spitfire CMS 1.1.4 - Cross-Site Request Forgery

Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://spitfire.clausmuus.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected...