114 matches found
Design/Logic Flaw
joyplus-cms 1.6.0 has XSS in adminplayer.php, related to manager/index.php "system manage" and "add" actions...
NewsBee CMS 1.4 - Cross-Site Request Forgery
NewsBee CMS 1.4 - Cross-Site Request Forgery. Webapps exploit for PHP platform Title: NewsBee CMS 1.4 - Cross-Site Request Forgery Author: indoushka Tested on: windows 10 Français V.Pro Vendor: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Dork: N...
CVE-2018-3814
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets-Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension...
CVE-2017-15981
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/adminprocess.php for form editing...
cmsinstant.ru Open Redirect vulnerability
Vulnerable URL: https://cmsinstant.ru/go/url=https://openbugbounty.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| 4944305 VIP website status:| No Coordinated...
ClipBucket 2.8.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15,...
CMS Elevel v1. 0 news.php parameter id SQL injection vulnerability
No description provided by source...
Pligg CMS 2.0.2 load_data_for_search.php SQL注入漏洞
No description provided by source...
Deep CMS 2.0 Index.PHP Remote File Include Vulnerability
No description provided by source...
cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
No description provided by source...
Quate CMS 0.3.4 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source...
CMS Formulasi 2.07 - Multiple Vulnerabilities
No description provided by source. / \ / | / \ /000000 | 00 | /000000 | 00 \00/ / \ / \ / \ 00 \ / / \ / \ 00 \00/ / \ / | 00 \ 000000 |/000000 |000000 |0000000 |000000 0000 | 000000 | 00 \ /000000 |/0000000/ 000000 | / 00 |00 | 00/ / 00 |00 | 00 |00 | 00 | 00 | / 00 | 000000 |00 00 |00 | / \00...
[Dumb0] A simple tool to dump users in popular forums and CMS
A simple tool to dump users forums popular forums and CMS like: WordPress SMF vBulletin IP Board XEN forums myBB useBB vanilla bbPress etc... Download Dumb0...
Squiz CMS - Multiple Cross-Site Scripting / XML External Entity Injection Vulnerabilities
source: https://www.securityfocus.com/bid/54049/info Squiz CMS is prone to multiple cross-site scripting vulnerabilities and an XML external entity injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit these issues to execute arbitrary code in th...
DIY Web CMS Multiple Vulnerabilities
Exploit for asp platform in category web applications SQL and XSS in DIY Web CMS found by : p0pc0rn 22/2/2011 web : http://www.mydiyweb.com.my dork : intext:"powered by DiyWeb" SQL - Microsoft JET Database Engine error -----------------------------------------...
Analysis of the fine fast CMS vulnerability-vulnerability warning-the black bar safety net
| The following is my personal analysis of the results as there are errors please forgive me The main problem in retrieve password member. php? action=getpw Look at the code case 'getpw': $showsubmenu = 0; $logstatus && showmsg$lang'loginalready', $forward; if isset$POST'submit' $msg = $POST'hash...
log1 CMS 2.0 - Session Handling Remote Security Bypass / Remote File Inclusion
source: https://www.securityfocus.com/bid/40636/info log1 CMS is prone to a security-bypass vulnerability because of a design flaw and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to gain unauthorized access,...
Schaf-CMS 1.0 - SQL Injection
Schaf-CMS 1.0 SQL Injection Vulnerability Author : Manas58 Homepage : http://www.1923turk.com Script : Schaf-CMS 1.0 Download : http://www.brothersoft.com/site-builder-software---cms-53489.html Vulnerable File cms.php?id= SQL XpL...
4x CMS - login.php Multiple SQL Injections
4x CMS - login.php Multiple SQL Injections source: https://www.securityfocus.com/bid/39840/info 4xcms is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
DS CMS 1.0 SQL Injection
======================================================= +++++++++++++++++++ information +++++++++++++++++++++++ ======================================================= + Script :DS CMS 1.0 nFileId Remote SQL Injection Vulnerability + Script site : http://cms.dsinternal.com/Home + D0rk : Copyright...