12 matches found
ChillyCMS 1.1.3 - Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...
SASPCMS Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP Content Management System . SASPCMS witc...
NewsCMSlite Insecure Cookie Handling
www.BugReport.ir AmnPardaz Security Research Team Title: NewsCMSlite Vendor: http://www.katywhitton.com Bug: Insecure Cookie Handling Exploitation: Remote with browser Fix: N/A Original Advisory: http://www.bugreport.ir/index62.htm - Description: NewsCMSlite is an easy way to get regularly update...
PHP-List Remote Code Execution
phplist 2.10.x remote code execution Credit:AmnPardaz Security Research Team for the vuln exploit author [email protected] Poc root@server pentest perl phplistrce.pl http://www.helpcenter.it/list/ phplist 2.10.x 0day RCE may b others by mozi: uname -a 686 i686 i386 GNU/Linux mozi: w 04:43:41 up...
Enthusiast 3.1.4 - show_joined.php Remote File Inclusion
Enthusiast 3.1.4 - showjoined.php Remote File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation:...
ParsaWeb CMS SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: ParsaWeb CMS SQL Injection Vendor: http://www.parsagostar.com Demo: http://cms.parsagostar.com/ Exploit: Available Impact: High Fix: N/A Original advisory: http://www.bugreport.ir/index53.htm 1. Description: ParsaWeb is a commercial ASP.NET...
iges CMS 2.0 - Cross-Site Scripting SQL Injection
iges CMS 2.0 - Cross-Site Scripting SQL Injection www.BugReport.ir AmnPardaz Security Research Team Title: IGES CMS =2.0 Multiple Vulnerabilities Vendor: www.iges.nl Exploit: Available Vulnerable Version: 2.0 Impact: High Fix: N/A 1. Description: IGES CMS is a complete, fully featured CMS in PHP...
Bloofox 0.3 (SQL/FD) Multiple Remote Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title:Bloofox CMS Vulnerabilities Vendor: http://www.bloofox.com Bugs: SQL Injection Authentication bypass , Source code disclosure Vulnerable Version: 0.3 prior versions also may be affected...
OneCMS 2.4 - SQL Injection Upload
OneCMS 2.4 - SQL Injection Upload WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remot...
MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser...
Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix...
Bitweaver R2 CMS - Arbitrary File Upload Disclosure
Bitweaver R2 CMS - Arbitrary File Upload Disclosure WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with...