34 matches found
SweetRice-CMS-1.5.1-RCE-Exploit
SweetRice CMS 1.5.1 RCE Exploit Overview SweetRice CMS 1.5...
EUVD-2010-5276
Malware in sbrugna...
EUVD-2010-5275
Malware in sbrugna...
EUVD-2010-5274
Malware in sbrugna...
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
SweetRice 1.5.1 Code Execution
Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;?...
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution Exploit
Exploit for php platform in category web applications Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;? 0day.today 2018-03-31...
SweetRice CMS Has Multiple SQL Injection Vulnerabilities
SweetRice is a simple content management system developed using PHP. Multiple SQL injection vulnerabilities in index.php in SweetRice CMS versions prior to 0.6.7.1 allow remote attackers to exploit the vulnerabilities to execute arbitrary SQL commands...
SweetRice CMS Cross-Site Scripting Vulnerability
SweetRice is a simple content management system developed using PHP. A cross-site scripting vulnerability in as/index.php in SweetRice CMS versions prior to 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
Sql injection
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
Cross site scripting
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
Design/Logic Flaw
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
CVE-2010-5318
CVE-2010-5318 affects SweetRice CMS prior to version 0.6.7.1. The vulnerability resides in the password-reset feature of as/index.php, where remote attackers can modify the administrator password by supplying the administrator’s email address in the email parameter. No exploit details are provide...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...