Lucene search
K

33 matches found

Cvelist
Cvelist
added 2009/10/27 4:0 p.m.22 views

CVE-2009-3803

Multiple cross-site scripting XSS vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the statusmessage parameter to 1 /news, 2 /comment, 3 /forum, 4 /blog, and 5 /tags; the statusmessage parameter to 6 forum.php, 7 discussion.php, 8...

5.7AI score0.01756EPSS
Exploits1References6
CVE
CVE
added 2009/10/27 4:0 p.m.44 views

CVE-2009-3803

CVE-2009-3803 affects Amiro.CMS 5.4.0.0 and earlier, with multiple cross-site scripting (XSS) vulnerabilities. The root cause is improper handling of user-supplied content in the status_message parameter across numerous front-end paths (including /news, /comment, /forum, /blog, /tags) and admin p...

4.3CVSS5.7AI score0.01756EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2009/10/27 4:0 p.m.49 views

CVE-2009-3802

CVE-2009-3802 affects Amiro.CMS 5.4.0.0 and earlier. The issue stems from an invalid loginname value ("%%%") to _admin/index.php which causes an error message that reveals the installation path and other information, enabling partial information disclosure. The NVD entry lists a Medium severity (...

5CVSS6.2AI score0.02588EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/10/27 4:0 p.m.22 views

CVE-2009-3802

Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname "%%%" to admin/index.php, which reveals the installation path and other information in an error message...

6.2AI score0.02588EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2009/10/20 12:0 a.m.19 views

Amiro.CMS 5.4.0.0 Root Folder Disclosure

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005 Amiro.CMS root folder disclosure Objective: Amiro CMS = 5.4.0.0 Type: Disclosure of ways Threat: Medium Date Discovered: 01.07.2009 Date of notification Developer: 01.07.2009...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/10/20 12:0 a.m.19 views

Amiro.CMS 5.4.0.0 Cross Site Scripting

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-004 Amiro.CMS Multiple XSS Objective: Amiro = 5.4.0.0 Type: Cross-site scripting Threat: Medium Date Discovered: 01.07.2009 Date of notification Developer: 01.07.2009 Released fixes:...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/10/19 12:0 a.m.33 views

Amiro.CMS <= 5.4.0.0 xss

Exploit for unknown platform in category web applications ======================== Amiro.CMS = 5.4.0.0 xss ======================== ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-004 Amiro.CMS Multiple XSS Objective: Amiro = 5.4.0...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/10/19 12:0 a.m.25 views

Amiro.CMS <= 5.4.0.0 folder disclosure

Exploit for unknown platform in category web applications ====================================== Amiro.CMS = 5.4.0.0 folder disclosure ====================================== ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/10/19 12:0 a.m.22 views

Amiro.CMS 5.4 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/42430/info Amiro.CMS is prone to multiple input-validation vulnerabilities including multiple cross-site scripting issues, an HTML-injection issue, and an information-disclosure issue. An attacker may leverage the issues to execute arbitrary script code i...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/10/19 12:0 a.m.68 views

[ONSEC-09-004] Amiro.CMS Multiple XSS

http://onsec.ru/vuln?id=11 ONSEC-09-004 Amiro.CMS Multiple XSS Цель: Amiro = 5.4.0.0 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 01.07.2009 Дата оповещения разработчика: 01.07.2009 Дата выхода исправления: 06.10.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec do...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2009/10/19 12:0 a.m.24 views

Amiro.CMS &lt;= 5.4.0.0 xss

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-004 Amiro.CMS Multiple XSS Objective: Amiro = 5.4.0.0 Type: Cross-site scripting Threat: Medium Date Discovered: 01.07.2009 Date of notification...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/10/19 12:0 a.m.35 views

[ONSEC-09-005] Amiro.CMS root folder disclosure

http://onsec.ru/vuln?id=12 ONSEC-09-005 Amiro.CMS root folder disclosure Цель: Amiro CMS = 5.4.0.0 Тип: Раскрытие путей Угроза: Средняя Дата обнаружения: 01.07.2009 Дата оповещения разработчика: 01.07.2009 Дата выхода исправления: 06.10.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2009/10/19 12:0 a.m.25 views

Amiro.CMS 5.4.0.0 - Path Disclosure

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005 Amiro.CMS root folder disclosure Objective: Amiro CMS = 5.4.0.0 Type: Disclosure of ways Threat: Medium Date Discovered: 01.07.2009 Date of notification Developer: 01.07.2009...

7.4AI score
Exploits0
Rows per page
Query Builder