37 matches found
cpcommerce 1.1.0 (xss/lfi) Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote...
Web Wiz Forums <= 9.07 (sub) Remote Directory Traversal Vulnerability
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Web Wiz ForumsTM Vendor: http://www.webwizguide.com/ Bug: Directory traversal Vulnerable Version: 9.07 Exploit: Available Fix Available: No! Fast Solution is available. - Description: Web Wiz Forums bullet...
modx cms 0.9.6.1 - Multiple Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix...
OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...
Ferdows CMS Pro <=1.1.0 Multiple Vulnerabilities
Exploit for asp platform in category web applications www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm...
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...
chillyCMS 1.1.3 SQL Injection / Cross Site Scripting
www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...
Tinypug 0.9.5 - Cross-Site Request Forgery (Password Change)
www.BugReport.ir AmnPardaz Security Research Team Title: Tinypug Multiple Vulnerabilities Vendor: http://platformassociates.com/ project hosted at http://code.google.com/p/tinypug/ Vulnerable Version: 0.9.5 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Tinypug is a...
PHPRunner 4.2 - 'SearchOption' Blind SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
PHPRunner 4.2 - SearchOption Blind SQL Injection
PHPRunner 4.2 - SearchOption Blind SQL Injection www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory:...
phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit
Exploit for unknown platform in category web applications ====================================================================== phplist 2.10.x RCE by environ inclusion Local File Inclusion Exploit ====================================================================== phplist 2.10.x remote code...
phpList 2.10.8 - Local File Inclusion
phpList 2.10.8 - Local File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: phpList Local File inclusion Vendor: http://www.phplist.com Bug: Local File Inclusion Vulnerable Version: 2.10.8 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original...
CFAGCMS Remote File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: CFAGCMS Remote File Inclusion Vendor: http://sourceforge.net/projects/cfagcms/ Bug: Remote File Inclusion Vulnerable Version: 1 Exploitation: Remote with browser Fix: N/A Original Advisory: http://www.bugreport.ir/index58.htm - Description:...
Enthusiast 3 Remote Code Execution
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
Enthusiast 3.1.4 - 'show_joined.php' Remote File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln
Exploit for unknown platform in category web applications ================================================================== Enthusiast 3.1.4 showjoined.php path Remote File Inclusion Vuln ==================================================================...
CMME Multiple Information disclosure vulnerabilities
WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: CMME Multiple Information disclosure vulnerabilities Vendor: http://cmme.oesterholt.net Bug: Information Disclosure Vulnerable Version: 1.19 prior versions also may be affected Exploitation: Remote with browser Exploi...
ParsaWeb CMS (Search) Remote SQL Injection Vulnerability
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: ParsaWeb CMS SQL Injection Vendor: http://www.parsagostar.com Demo: http://cms.parsagostar.com/ Exploit: Available Impact: High Fix: N/A Original advisory: http://www.bugreport.ir/index53.htm 1. Descriptio...
Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Masir Camp E-Shop Module = 3.0 SQL Injection Vendor: www.masir.net Vulnerable Version: 3.0 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index52.htm 1...
Masir Camp E-Shop Module 3.0 - 'ordercode' SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: Masir Camp E-Shop Module = 3.0 SQL Injection Vendor: www.masir.net Vulnerable Version: 3.0 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index52.htm 1. Description: Masir Camp is an...