39 matches found
gl-sh deaf forum <= 6.5.5 - Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: GL-SH Deaf Forum =6.5.5 Multiple Vulnerabilities Vendor: www.frank-karau.de Vulnerable Version: 6.5.5 and prior versions Exploit: Available Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/46 1...
Ferdows CMS Pro <= 1.1.0 - Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix: N/A 1...
chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: chicomas =2.0.4 Multiple Vulnerabilities Vendor: http://www.chicomas.com/ Demo: http://demo.opensourcecms.com/chicomas Bug: Database Information Disclosure, Authorization Weakness, XSS Vulnerable Version:...
Masir Camp E-Shop Module <= 3.0 (ordercode) SQL Injection Vuln
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Masir Camp E-Shop Module = 3.0 SQL Injection Vendor: www.masir.net Vulnerable Version: 3.0 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index52.htm 1...
RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit
No description provided by source. ?php WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCmss Bug Yahoo! Crawler Vendor: http://www.runcms.org/ Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versions also may be affected Exploitation: Remote with browser...
skyportal vrc6 Multiple Vulnerabilities
No description provided by source. WwW.BugReport.ir BugReport Security Research & Penetration Testing Group Title: Sky Portal Multiple SQL Injection Vulnerabilities Vendor: http://skyportal.net Exploitation: Remote with browser Fix Available: Patched In Last Version In Vendor Leaders : Shahin...
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities
Ferdows CMS Pro 1.1.0 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: Ferdows CMS Pro =1.1.0 Multiple Vulnerabilities Vendor: www.fcms.ir Exploit: Available Vulnerable Version: 1.1.0 Pro Impact: Medium Original Advisory: http://www.bugreport.ir/index77.htm Fix:...
Adobe LiveCycle ES DLL Hijacking
www.BugReport.ir AmnPardaz Security Research Team Title: Adobe LiveCycle ES DLL Hijacking Exploit .dll Vendor: http://www.adobe.com/products/livecycle/ Vulnerable Version: 8.2.1.3144.1.471865 Exploitation: Remote Code Execution - Description: Adobe® LiveCycle® Enterprise Suite ES software can hel...
ACollab - Multiple Vulnerabilities
ACollab - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: ACollab Multiple Vulnerabilities Vendor: http://www.atutor.ca/acollab Vulnerable Version: 1.2 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: ACollab as described by its...
Ananta Gazelle SQL Injection Vulnerability
www.BugReport.ir AmnPardaz Security Research Team Title: Ananta Gazelle SQL Injection Vulnerability Vendor: http://www.anantasoft.com/ Vulnerable Version: 1.0 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: Ananta Gazelle is a rich JavaScript enabled CMS with...
Blaze Apps 1.4.0.051909 Cross Site Scripting / SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: Blaze Apps Multiple Vulnerabilities Vendor: http://blazeapps.codeplex.com Vulnerable Version: 1.4.0.051909 and prior versions Exploitation: Remote with browser Fix: N/A - Description: Blaze Apps is a ASP .NET 2 Content Management System. It...
saspcms 0.9 - Multiple Vulnerabilities
saspcms 0.9 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP...
PHPRunner 4.2 (SearchOption) Blind SQL Injection Vulnerability
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm...
phpList 2.10.8 - Local File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: phpList Local File inclusion Vendor: http://www.phplist.com Bug: Local File Inclusion Vulnerable Version: 2.10.8 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
CFAGCMS v1 Remote File Inclusion Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: CFAGCMS Remote File Inclusion Vendor: http://sourceforge.net/projects/cfagcms/ Bug: Remote File Inclusion Vulnerable Version: 1 Exploitation: Remote with browser Fix: N/A Original Advisory:...
Enthusiast 3 Remote Code Execution
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
Masir Camp E-Shop Module 3.0 - 'ordercode' SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: Masir Camp E-Shop Module = 3.0 SQL Injection Vendor: www.masir.net Vulnerable Version: 3.0 and prior versions Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index52.htm 1. Description: Masir Camp is an...
iges CMS 2.0 - Cross-Site Scripting / SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: IGES CMS =2.0 Multiple Vulnerabilities Vendor: www.iges.nl Exploit: Available Vulnerable Version: 2.0 Impact: High Fix: N/A 1. Description: IGES CMS is a complete, fully featured CMS in PHP language with SQL and became a powerful CMS having...
MyBlog <=0.9.8 Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: MyBlog =0.9.8 Multiple Vulnerabilities Vendor: http://crewdesign.co.uk & http://sourceforge.net/projects/myblog Exploit: Available Vulnerable Version: 0.9.8 Impact: High Fix: N/A Original Advisory: www.bugreport.ir/?/49 1. Description:...
doITlive CMS 2.50 - SQL Injection Cross-Site Scripting
doITlive CMS 2.50 - SQL Injection Cross-Site Scripting www.BugReport.ir AmnPardaz Security Research Team Title: doITlive CMS =2.50 SQL Injection/XSS Multiple Vulnerabilities Vendor: www.doitlive.com Vulnerable Version: 2.50 and prior versions Exploit: Available Impact: High Fix: N/A Original...