22 matches found
EUVD-2009-2326
Malware in sbrugna...
EUVD-2009-2328
Malware in sbrugna...
EUVD-2009-2329
Malware in sbrugna...
EUVD-2009-2327
Malware in sbrugna...
cms chainuk <= 1.2 - Multiple Vulnerabilities
No description provided by source. CMS Chainuk = v.1.2 Vulns Home: Cms.tut.su Dork: Cms.tut.su, 2009 g. eLwauxc 14.06.2 LFI /index.php --------------------------------------------------------------------------- 6: if isset$GET 'id' 7: 8: color=white$id = $GET 'id';/color 9: 10: else 11: 12: $id =...
Code injection
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code 1 into settings.php via the menu parameter to adminsettings.php or 2 into a content/=NUMBER.php file via the title parameter to adminnew.php...
CVE-2009-2332
CMS Chainuk 1.2 and earlier allows remote attackers to obtain sensitive information via 1 a crafted id parameter to index.php or 2 a nonexistent folder name in the id parameter to admin/admindelete.php, which reveals the installation path in an error message...
CVE-2009-2331
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code 1 into settings.php via the menu parameter to adminsettings.php or 2 into a content/=NUMBER.php file via the title parameter to adminnew.php...
CVE-2009-2333
Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the menu parameter to admin/adminmenu.php, and the id parameter to 2 index.php and 3 admin/adminedit.php; and 4 delete arbitrary...
Design/Logic Flaw
CMS Chainuk 1.2 and earlier allows remote attackers to obtain sensitive information via 1 a crafted id parameter to index.php or 2 a nonexistent folder name in the id parameter to admin/admindelete.php, which reveals the installation path in an error message...
Directory traversal
Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the menu parameter to admin/adminmenu.php, and the id parameter to 2 index.php and 3 admin/adminedit.php; and 4 delete arbitrary...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/adminmenu.php in CMS Chainuk 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter...
CVE-2009-2330
Cross-site scripting XSS vulnerability in admin/adminmenu.php in CMS Chainuk 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter...
CVE-2009-2333
Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the menu parameter to admin/adminmenu.php, and the id parameter to 2 index.php and 3 admin/adminedit.php; and 4 delete arbitrary...
CVE-2009-2331
Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code 1 into settings.php via the menu parameter to adminsettings.php or 2 into a content/=NUMBER.php file via the title parameter to adminnew.php...
CVE-2009-2333
CVE-2009-2333 affects CMS Chainuk 1.2 and earlier. Multiple directory traversal flaws allow remote attackers to include and execute arbitrary local files via .. in (1) menu parameter to admin/admin_menu.php, and (2) id parameter to index.php, and (3) id parameter to admin/admin_edit.php; and (4) ...
CVE-2009-2332
CMS Chainuk 1.2 and earlier is affected by a remote information-disclosure vulnerability. An attacker can cause the system to reveal the installation path in an error message by supplying (1) a crafted id parameter to index.php or (2) a nonexistent folder name in the id parameter to admin/admin_d...
CVE-2009-2330
Cross-site scripting XSS vulnerability in admin/adminmenu.php in CMS Chainuk 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter...
CVE-2009-2330
CVE-2009-2330 describes a cross-site scripting (XSS) vulnerability in the CMS Chainuk 1.2 and earlier. The flaw exists in admin/admin_menu.php and is exploitable via the menu parameter, allowing remote attackers to inject arbitrary web script or HTML. Documents consistently identify the affected ...
CMS Chainuk <= 1.2 Multiple Remote Vulnerabilities
No description provided by source. CMS Chainuk = v.1.2 Vulns Home: Cms.tut.su Dork: "Cms.tut.su, 2009 g." eLwauxc 14.06.2 LFI /index.php --------------------------------------------------------------------------- 6: if isset$GET 'id' 7: 8: color=white$id = $GET 'id';/color 9: 10: else 11: 12: $id...