cpcommerce 1.1.0 (xss/lfi) Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote...

Ferdows CMS Pro <= 1.1.0 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix: N/A 1...

Web Wiz Forums <= 9.07 (sub) Remote Directory Traversal Vulnerability

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Web Wiz ForumsTM Vendor: http://www.webwizguide.com/ Bug: Directory traversal Vulnerable Version: 9.07 Exploit: Available Fix Available: No! Fast Solution is available. - Description: Web Wiz Forums bullet...

gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: GL-SH Deaf Forum =6.5.5 Multiple Vulnerabilities Vendor: www.frank-karau.de Vulnerable Version: 6.5.5 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/46 1...

RunCMS <= 1.6 - Local File Inclusion Vulnerability

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCms Multiple Vulnerabilities Vendor: http://www.runcms.org/ Bugs: Local File Inclusion, Modules Authorization Weakness Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versio...

Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Masir Camp E-Shop Module = 3.0 SQL Injection Vendor: www.masir.net Vulnerable Version: 3.0 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index52.htm 1...

RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit

No description provided by source. ?php WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCmss Bug Yahoo! Crawler Vendor: http://www.runcms.org/ Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versions also may be affected Exploitation: Remote with browser...

modx cms 0.9.6.1 - Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix...

bcoos 1.0.10 (lfi / SQL Injection) Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: Bcoos Multiple Vulnerabilities Vendor: http://www.bcoos.net/ Bugs: Local File Inclusion, Sql Injection Vulnerable Version: bcoos 1.0.10 prior versions also may be affected...

Pooya Site Builder (PSB) 6.0 - Multiple SQL Injection Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Pooya Site Builder PSB SQL Injection Vulnerabilities Vendor: www.paridel.com Vulnerable Version: 6.0 Assembly Version Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/42 1...

OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...

msgid:[email protected][email protected]&amp;[email protected]&amp;folder=&#92;&#92;3APA3A&#92;Bugtraq&amp;subject=Related&#37;20POC&#37;20for&#37;20JCE&#37;20Joomla&#37;20Extension&#37;20&lt;&#37;3D2

After release of vendor supplied patch for JCE's vulnerabilities, AmnPardaz is going to submit related POC for this issue in Perl and PHP after one month for educational purposes. PHP Version: ?php www.bugreport.ir AmnPardaz Security Research & Penetration Testing Group Title: Exploit for JCE...

Joomla JCE 2.0.10 Path Traversal / Path Manipulation

www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3, Template Manager 1.5.5, File Manager 1.5.4.1 & prior...

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix: N/A 1. Description: Ferdows CMS is a complete,...

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...

Ferdows CMS Pro <=1.1.0 Multiple Vulnerabilities

Exploit for asp platform in category web applications www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm...

chillyCMS 1.1.3 SQL Injection / Cross Site Scripting

www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...

ChillyCMS 1.1.3 - Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...

ACollab Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: ACollab Multiple Vulnerabilities Vendor: http://www.atutor.ca/acollab Vulnerable Version: 1.2 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: ACollab as described by its vendor is an accessible, open source...

AneCMS 1.0 Code Execution / Local File Inclusion

www.BugReport.ir AmnPardaz Security Research Team Title: AneCMS Multiple Vulnerabilities Vendor: http://anecms.com/ Vulnerable Version: 1.0 Latest version till now Exploitation: Remote with a RAW HTTP packet sender Fix: N/A - Description: AneCMS is a small and fast CMS completely modular. Written...