28 matches found
EUVD-2018-7437
Malware in sbrugna...
EUVD-2018-6838
Malware in sbrugna...
EUVD-2018-6839
Malware in sbrugna...
EUVD-2008-5903
Malware in sbrugna...
EUVD-2008-5904
Malware in sbrugna...
CMS ISWEB SQL Injection Vulnerability
CMS ISWEB is a content management system CMS. A SQL injection vulnerability exists in CMS ISWEB version 3.5.3. A remote attacker can exploit this vulnerability to inject malicious query statements into the application and obtain sensitive information...
CVE-2018-14956
CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information...
Sql injection
CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information...
Directory traversal
CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggettodocumenti/../.././inc/config.php one can take the control of the application because credentials are present in that config.php file...
CVE-2018-14956
CVE-2018-14956 affects CMS ISWEB 3.5.3. The vulnerability is SQL injection in the web application, enabling a remote attacker to inject malicious queries and obtain sensitive information. The PacketStorm page provides a PoC and details indicating an attacker could access the entire database and p...
CVE-2018-14956
CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information...
CMS ISWEB 3.5.3 SQL Injection
Description CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information. ------------------------------------------ Additional Information PoC Prints: https://imgur.com/a/buXJJKC ?id=1'...
CMS ISWEB Cross-Site Scripting Vulnerability
CMS ISWEB is a content management system CMS. A cross-site scripting vulnerability exists in the index.php file in CMS ISWEB version 3.5.3. A remote attacker can inject arbitrary web scripts or code with the help of the 'ordineRis', 'sezioneRicerca' or 'ogettiRicerca' parameter. parameter...
Code injection
CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php...
CVE-2018-15562
CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php...
CVE-2018-15562
CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php...
CMS ISWEB 3.5.3 Cross Site Scripting
CMS ISWEB 3.5.3 XSS Reflected CVE CVE-2018-15562 Parameter vuln: ordineRis, sezioneRicerca oggettiRicerca PoC Prints: https://i.imgur.com/5YpESoC.png Vendor of Product http://www.isweb.it Attack Type Remote Attack Vectors Payload:" URL:...
CMS ISWEB 3.5.3 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file...
CMS ISWEB 3.5.3 - Directory Traversal
CMS ISWEB 3.5.3 - Directory Traversal Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Date: 2018-08-01 Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file...
CMS ISWEB 3.5.3 Directory Traversal
Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Date: 2018-08-01 Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by...