EUVD-2009-3488

Malware in sbrugna...

EUVD-2009-3489

Malware in sbrugna...

CVE-2009-3520

Cross-site request forgery CSRF vulnerability in the Youraccount module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admininfouserverif action...

cmsphp 0.21 (lfi/xss) Multiple Vulnerabilities

No description provided by source. + CMSphp 0.21 LFI/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/cmsphp/ + Local File Inclusion - PoC...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Youraccount module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admininfouserverif action...

CVE-2009-3520

Cross-site request forgery CSRF vulnerability in the Youraccount module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admininfouserverif action...

CVE-2009-3520

Cross-site request forgery CSRF vulnerability in the Youraccount module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admininfouserverif action...

CVE-2009-3520

CVE-2009-3520 is a CSRF vulnerability affecting CMSphp 0.21 in the Your_account module. Remote attackers can coerce an administrator’s browser to perform a password-change action (admin_info_user_verif) by supplying the parameters pseudo , pwd , and uid , effectively hijacking administrator authe...

CVE-2009-3507

Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the modfile parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the 1 cookuser parameter to index.php and the 2 name parameter to modules.php...

Directory traversal

Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the modfile parameter...

CVE-2009-3507

CVE-2009-3507 is a vulnerability in CMSphp 0.21 where a directory traversal via the mod_file parameter allows remote attackers to include and execute arbitrary local files using “..”. This is supported by multiple records (NVD, CVE list, PRION, CVELIST) and aligned with the observed CVSSv2 base s...

CVE-2009-3507

Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the modfile parameter...

CVE-2009-3506

Multiple cross-site scripting XSS vulnerabilities in CMSphp 0.21 allow remote attackers to inject arbitrary web script or HTML via the 1 cookuser parameter to index.php and the 2 name parameter to modules.php...

CVE-2009-3506

CVE-2009-3506 involves multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21. The affected software is CMSphp 0.21, with XSS achievable through the cook_user parameter to index.php and the name parameter to modules.php. The available records describe the underlying issue as improper ...

PT-2009-5812 · Cmsphp · Cmsphp

Name of the Vulnerable Software and Affected Versions: CMSphp version 0.21 Description: A cross-site request forgery CSRF issue exists in the Your account module, allowing remote attackers to hijack administrator authentication for requests that change an administrator's password. This is achieve...

CMSphp 0.21 Cross Site Request Forgery

Author: REMOVED AT REQUEST OF AUTHOR CMS: CMSphp 0.21 Type of vulnerability: Cross site request forgery You can download following cms on : http://webscripts.softpedia.com/script/Content-Management/CMSphp-37567.html CMSphp 0.21 suffers from Cross site request forgery which allows malicious attack...

CMSphp 0.21 LFI / XSS

CMSphp 0.21 LFI/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/cmsphp/ + Local File Inclusion - PoC http://127.0.0.1/path/modules.php?name=Youraccount&modfile=../../../../../../boot.ini%00 +...

CMSphp 0.21 (LFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. + CMSphp 0.21 LFI/XSS Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/cmsphp/ + Local File Inclusion - PoC...

CMSphp 0.21 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== CMSphp 0.21 LFI/XSS Multiple Remote Vulnerabilities ===================================================== + CMSphp 0.21 LFI/XSS Multiple Remote Vulnerabilities + Discovered By SirGod +...