cpcommerce 1.1.0 (xss/lfi) Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote...

Web Wiz Forums <= 9.07 (sub) Remote Directory Traversal Vulnerability

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Web Wiz ForumsTM Vendor: http://www.webwizguide.com/ Bug: Directory traversal Vulnerable Version: 9.07 Exploit: Available Fix Available: No! Fast Solution is available. - Description: Web Wiz Forums bullet...

gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: GL-SH Deaf Forum =6.5.5 Multiple Vulnerabilities Vendor: www.frank-karau.de Vulnerable Version: 6.5.5 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/46 1...

Ferdows CMS Pro <= 1.1.0 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix: N/A 1...

RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit

No description provided by source. ?php WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCmss Bug Yahoo! Crawler Vendor: http://www.runcms.org/ Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versions also may be affected Exploitation: Remote with browser...

RunCMS <= 1.6 - Local File Inclusion Vulnerability

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCms Multiple Vulnerabilities Vendor: http://www.runcms.org/ Bugs: Local File Inclusion, Modules Authorization Weakness Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versio...

modx cms 0.9.6.1 - Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix...

Pooya Site Builder (PSB) 6.0 - Multiple SQL Injection Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Pooya Site Builder PSB SQL Injection Vulnerabilities Vendor: www.paridel.com Vulnerable Version: 6.0 Assembly Version Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/42 1...

OneCMS 2.4 - Remote SQL Injection / Upload Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: OneCMS Vulnerabilities Vendor: http://www.insanevisions.com Bugs: SQL Injection Authentication bypass , Arbitrary file upload! Vulnerable Version: 2.4 prior versions also may be affected Exploitation: Remo...

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities

Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...

Ferdows CMS Pro <=1.1.0 Multiple Vulnerabilities

Exploit for asp platform in category web applications www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm...

chillyCMS 1.1.3 SQL Injection / Cross Site Scripting

www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...

ChillyCMS 1.1.3 - Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...

1024CMS Blind SQL Injection Vulnerability

www.BugReport.ir AmnPardaz Security Research Team Title: 1024CMS Blind SQL Injection Vulnerability Vendor: http://www.1024cms.org/ Vulnerable Version: 2.1.1 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: 1024CMS is a PHP-based CMS which uses MySQL as its backend...

Tinypug 0.9.5 - Cross-Site Request Forgery (Password Change)

www.BugReport.ir AmnPardaz Security Research Team Title: Tinypug Multiple Vulnerabilities Vendor: http://platformassociates.com/ project hosted at http://code.google.com/p/tinypug/ Vulnerable Version: 0.9.5 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Tinypug is a...

Tinypug 0.9.5 - Cross-Site Request Forgery (Password Change)

Tinypug 0.9.5 - Cross-Site Request Forgery Password Change www.BugReport.ir AmnPardaz Security Research Team Title: Tinypug Multiple Vulnerabilities Vendor: http://platformassociates.com/ project hosted at http://code.google.com/p/tinypug/ Vulnerable Version: 0.9.5 and prior versions Exploitation...

Blaze Apps 1.4.0.051909 Cross Site Scripting / SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is a ASP .NET 2 Content Management System. It...

SASPCMS Multiple Vulnerabilities

www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP Content Management System . SASPCMS witc...

PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm...

PHPRunner 4.2 SQL Injection

www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...