WebManager <= 1.3.6 XSS Vulnerabilities

Exploit for php platform in category web applications ======================================= WebManager Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm TheExploited member from...

Spectrum Software WebManager CMS - pojam Cross-Site Scripting

Spectrum Software WebManager CMS - pojam Cross-Site Scripting source: https://www.securityfocus.com/bid/38573/info Spectrum Software WebManager CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage thi...

Spectrum Software WebManager CMS - &#039;pojam&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/38573/info Spectrum Software WebManager CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Spectrum Software WebManager CMS Xss Vulnerability

Exploit for unknown platform in category web applications ================================================== Spectrum Software WebManager CMS Xss Vulnerability ================================================== .:. Script : Spectrum Software WebManager CMS .:. Info link:...

Spectrum Software WebManager CMS Cross Site Scripting

.:. Author : [email protected] .:. Contact: [email protected], [email protected] .:. Home : www.evilzone.org .:. Script : Spectrum Software WebManager CMS .:. Info link: http://www.spectrum.hr/proizvodi/webmanager-cms/default.aspx .:. Bug Type : Cross-site scripting XSS === Exploit ===...

CVE-2008-6300

Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Authentication flaw

Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6300

Galatolo WebManager 1.3a allows remote attackers to bypass authentication and gain administrative access by setting the 1 gwmuser and 2 gwmpass cookies to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-6300

Galatolo WebManager 1.3a is affected by an authentication bypass vulnerability. CVE-2008-6300 allows remote attackers to gain administrative access by setting the gwm_user and gwm_pass cookies to admin. Root cause described as cookie-based auth bypass; no explicit exploit code or in-the-wild deta...

Sql injection

SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-6249

SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

CVE-2008-6248

Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

CVE-2008-6249

CVE-2008-6249 affects Galatolo WebManager (v1.3a and earlier). The vulnerability is in plugins/users/index.php and allows remote attackers to inject SQL via the id parameter, enabling execution of arbitrary SQL commands. The available records do not provide a confirmed patch version or remediatio...

CVE-2008-6248

This entry relates to CVE-2008-6248, a Cross-site Scripting (XSS) vulnerability affecting Galatolo WebManager 1.3a and earlier. The issue is in all.php, with the tag parameter enabling remote attackers to inject arbitrary web script or HTML. Affected component: all.php in Galatolo WebManager; roo...

CVE-2008-6249

SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-6248

Cross-site scripting XSS vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

CVE-2008-6108

Cross-site scripting XSS vulnerability in result.php in Galatolo WebManager GWM 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in result.php in Galatolo WebManager GWM 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter...

CVE-2008-6108

CVE-2008-6108 is a cross-site scripting (XSS) vulnerability in Galatolo WebManager (GWM) 1.0, exploitable via result.php and the key parameter. The issue allows remote attackers to inject arbitrary web script or HTML. It is tracked in multiple feeds (NVD, CVE lists, Prion, etc.). The NVD entry li...