EUVD-2010-4858

Malware in sbrugna...

EUVD-2010-4859

Malware in sbrugna...

chillycms 1.1.3 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...

chillyCMS 1.3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: chillyCMS 1.3.0 Multiple Vulnerabilities Google Dork: powered by chillyCMS Date: 15 February 2013 Exploit Author: Abhi M Balakrishnan Vendor Homepage: http://chillycms.bplaced.net/ Software Link:...

ChillyCMS Blind SQL Injection

No description provided by source. !/usr/bin/hybris Exploit Title: ChillyCMS Blind Sql Injection Date: 14-05-2010 Author: IHTeam Software Link: http://chillycms.bplaced.net/chillyCMS/core/show.site.php?id=9 Version: 1.1.2 Tested on: Win/Linux Example: simone@simons Advisories$ hybris chillycms.hy...

ChillyCMS 1.3.0 - Multiple Vulnerabilities

ChillyCMS 1.3.0 - Multiple Vulnerabilities Exploit Title: chillyCMS 1.3.0 Multiple Vulnerabilities Google Dork: "powered by chillyCMS" Date: 15 February 2013 Exploit Author: Abhi M Balakrishnan Vendor Homepage: http://chillycms.bplaced.net/ Software Link:...

ChillyCMS 1.3.0 - Multiple Vulnerabilities

Exploit Title: chillyCMS 1.3.0 Multiple Vulnerabilities Google Dork: "powered by chillyCMS" Date: 15 February 2013 Exploit Author: Abhi M Balakrishnan Vendor Homepage: http://chillycms.bplaced.net/ Software Link: http://chillycms.bplaced.net/chillyCMS/media/files/chillyCMSfull.zip Version: 1.3.0...

chillyCMS 1.3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Vulnerability Failure to Restrict URL Access chillyCMS uses 302 redirects to restrict access to the unautorized pages. Exploit Step 1: Create a rule in No-Redirect Add-on: ^http://localhost/chillyCMS/ Step 2: Access...

chillyCMS 1.3.0 Shell Upload / Access Bypass

Exploit Title: chillyCMS 1.3.0 Multiple Vulnerabilities Google Dork: "powered by chillyCMS" Date: 15 February 2013 Exploit Author: Abhi M Balakrishnan Vendor Homepage: http://chillycms.bplaced.net/ Software Link: http://chillycms.bplaced.net/chillyCMS/media/files/chillyCMSfull.zip Version: 1.3.0...

CVE-2010-4894

SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-4895

Cross-site scripting XSS vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the username field. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the username field. NOTE: some of these details are obtained from third party information...

CVE-2010-4895

Cross-site scripting XSS vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter aka the username field. NOTE: some of these details are obtained from third party information...

CVE-2010-4895

CVE-2010-4895 affects chillyCMS 1.1.3, with the vulnerability in core/showsite.php where input from the name parameter (username field) enables cross-site scripting (XSS). The issue allows remote attackers to inject arbitrary web script or HTML. Public references corroborate XSS wording; no expli...

CVE-2010-4894

CVE-2010-4894 : A SQL injection vulnerability in chillyCMS 1.1.3 is reported in core/showsite.php via the name parameter, potentially allowing remote attackers to execute arbitrary SQL commands. This is based on the NVD entry; no remediation details are provided in the supplied documents.

CVE-2010-4894

SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...

chillyCMS 1.2.x XSRF / File Disclosure

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

chillyCMS v1.2.x (CSRF/FD/RFI) Multiple Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

chillyCMS v1.2.1 Remote File Inclusion Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...