3 matches found
CVE-2010-4894
CVE-2010-4894 : A SQL injection vulnerability in chillyCMS 1.1.3 is reported in core/showsite.php via the name parameter, potentially allowing remote attackers to execute arbitrary SQL commands. This is based on the NVD entry; no remediation details are provided in the supplied documents.
CVE-2010-4895
CVE-2010-4895 affects chillyCMS 1.1.3, with the vulnerability in core/showsite.php where input from the name parameter (username field) enables cross-site scripting (XSS). The issue allows remote attackers to inject arbitrary web script or HTML. Public references corroborate XSS wording; no expli...
chillyCMS 1.1.3 Shell Upload
------------------------------------------------------------------------ Software................chillyCMS 1.1.3 Vulnerability...........Arbitrary Upload Download................http://chillycms.bplaced.net/chillyCMS/ Release Date............9/15/2010 Tested On...............Windows Vista + XAMPP...