50 matches found
Design/Logic Flaw
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors...
CVE-2013-7356
Unspecified vulnerability in the SAP CCMS / Database Monitors for Oracle allows attackers to obtain the database password via unknown vectors...
CVE-2013-7356
Technical details (affected product/version, root cause, exploit, impact) are not publicly provided in the supplied documents. Monitor for updates from authoritative sources.
CVE-2013-7362
Technical details about CVE-2013-7362 are not publicly available in the provided connected documents. Monitor SAP advisories and CVE feeds for updates.
CVE-2013-7362
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors...
[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection
Onapsis Security Advisory 2013-005: SAP CCMS Agent Code Injection This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...
MY-CCMS All Ver File Upload 0day-vulnerability warning-the black bar safety net
The vulnerability is located in: manage/upload.php code province ! ! 111.jpg Download 22.49 KB 4 hours ago Also you can create new“. asp”directory, there is a skip directory vulnerability, etc. EXP: the form id="frmUpload" enctype="multipart/form-data" action="http://chemlg.com/manage/upload.php"...
CVE-2008-4526
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php, 2 forums.php, 3 admin.php, 4 header.php, 5 pages/story.php and 6 pages/poll.php...
Directory traversal
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php, 2 forums.php, 3 admin.php, 4 header.php, 5 pages/story.php and 6 pages/poll.php...
CVE-2008-4526
CVE-2008-4526 affects CCMS 3.1. Multiple directory traversal vulnerabilities allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to index.php, forums.php, admin.php, header.php, pages/story.php, and pages/poll.php. This entry has a CVSS v2 ...
CVE-2008-4526
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php, 2 forums.php, 3 admin.php, 4 header.php, 5 pages/story.php and 6 pages/poll.php...
ccms-lfi.txt
CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script : http://rapidshare.com/files/94804716/CCMSv3.1byMikelDean.rar + Local File Inclusion...
CCMS 3.1 - skin Local File Inclusion
CCMS 3.1 - skin Local File Inclusion + CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script :...
CCMS 3.1 (skin) Multiple Local File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities ============================================================= + CCMS 3.1 skin Multiple Local File Inclusion...
CCMS 3.1 - 'skin' Local File Inclusion
CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script : http://rapidshare.com/files/94804716/CCMSv3.1byMikelDean.rar + Local File Inclusion...
CCMS 3.1 (skin) Multiple Local File Inclusion Vulnerabilities
No description provided by source. + CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script :...
Sql injection
SQL injection vulnerability in print.php in CustomCms CCMS Gaming Portal 4.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4156
CVE-2008-4156 affects the CustomCms (CCMS) Gaming Portal 4.0. The vulnerability is a SQL injection in print.php via the id parameter when magic_quotes_gpc is disabled. This creates a risk of arbitrary SQL execution by a remote attacker. The available documents do not provide specific affected ver...
CustomCMS CCMS Gaming 'print.php' SQL注入漏洞
BUGTRAQ ID: 30787 CNCAN ID:CNCAN-2008082203 CustomCMS CCMS Gaming是一款基于PHP的WEB应用程序。 CustomCMS CCMS Gaming不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是'print.php'脚本对用户提交的'id'参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 CustomCms CCMS Gaming 4.0 目前没有解决方案提供: http://customcms.net/index.php...
ccms40-sql.txt
Author: !DoktOR! Date found: 21.08.08 Product: CCMS Gaming Portal Version: 4.0 The price: $55 URL: customcms.net Vulnerability Class: SQL injection print.php Vuln code: $q = mysqlquery"SELECT from ccmsnewscomments WHERE wid='$id'"; magicquotesgpc = Off http://localhost/installdir/ Exploit:...