EUVD-2010-4846

Malware in sbrugna...

Auto CMS <= 1.8 - Remote Code Execution

No description provided by source. ?php / ===================================== Auto CMS = 1.8 Remote Code Execution ===================================== Author: giudinvx Email: giudinvxatgmaildotcom Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/...

CVE-2010-4882

Cross-site scripting XSS vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter...

CVE-2010-4882

Auto CMS 1.6 is affected by a cross-site scripting (XSS) vulnerability in autocms.php, exploitable via the sitetitle parameter. The root cause is insufficient input sanitization of sitetitle, allowing remote attackers to inject arbitrary HTML/JavaScript into the user’s browser. The CVE entry CVE-...

CVE-2010-4882

Cross-site scripting XSS vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter...

Auto CMS 1.8 Remote Code Execution

Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/ / errorreporting0; settimelimit0; function openfsock $host, $pack if !$fp = fsockopen$host, 80 die"\nNo response\n"; else fputs$fp, $pack; while !feof$fp $ret .= fgets$fp, 1024; fclose$fp; return $ret...

Auto CMS <= 1.8 Remote Code Execution

Exploit for php platform in category web applications ===================================== Auto CMS Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/ / errorreporting0; settimelimit0; function openfsock $host, $pack if !$fp = fsockopen$host, 80...

Auto CMS 1.8 - Remote Code Execution

Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/ / errorreporting0; settimelimit0; function openfsock $host, $pack if !$fp = fsockopen$host, 80 die"\nNo response\n"; else fputs$fp, $pack; while !feof$fp $ret .= fgets$fp, 1024; fclose$fp; return $ret...

Auto CMS 1.8 - Remote Code Execution

Auto CMS 1.8 - Remote Code Execution Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/ / errorreporting0; settimelimit0; function openfsock $host, $pack if !$fp = fsockopen$host, 80 die"\nNo response\n"; else fputs$fp, $pack; while !feof$fp $ret .=...

XSS vulnerability in Auto CMS

Vulnerability ID: HTB22564 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinautocms.html Product: Auto CMS Vendor: Roberto Aleman http://ventics.com/autocms/ Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerability Type: XSS Cross Site...

Auto CMS 1.6 Cross Site Scripting

Vulnerability ID: HTB22564 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinautocms.html Product: Auto CMS Vendor: Roberto Aleman http://ventics.com/autocms/ Vulnerable Version: 1.6 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerability Type: XSS Cross Site...

Auto CMS 1.6 - autocms.php Cross-Site Scripting

Auto CMS 1.6 - autocms.php Cross-Site Scripting source: https://www.securityfocus.com/bid/42764/info Auto CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script co...

Auto CMS 1.6 - &#039;autocms.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/42764/info Auto CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

XSS vulnerability in Auto CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Auto CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Auto CMS: CVE-2010-4882 The vulnerability exists due to input sanitation error in the "sitetitle"...