18 matches found
EUVD-2017-15969
Malware in sbrugna...
EUVD-2017-15971
Malware in sbrugna...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
Fastspot BigTree CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-03387)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in Fastspot BigTree CMS version 4.1.18. An attacker can exploit this vulnerability to perform unauthorized operations with...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
Cross site request forgery (csrf)
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
Cross site request forgery (csrf)
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
Mambo Colophon Component <= 1.2 - Remote Inclusion Vulnerability
No description provided by source. Command Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug:...
Colophon Component Admin.Colophon.PHP远程文件包含漏洞
Colophon是一款基于PHP的WEB应用程序。 Colophon不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'Admin.Colophon.PHP'脚本对用户提交的"mosConfigabsolutepath"参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Joomla Colophon 1.2...
colophon.txt
REMOTE COMMAND Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug: requireonce"$mosConfigabsolutepath/components/comcolophon/language/$mosConfiglang.php"; path: add in...
CVE-2006-3969
Colophon 1.2 and earlier for Joomla! has a PHP remote file inclusion vulnerability in administrator/components/com_colophon/admin.colophon.php that allows remote code execution via a URL supplied in mosConfig_absolute_path. Affected: Colophon prior to version 1.2, components likely involved inclu...
CVE-2006-3969
PHP remote file inclusion vulnerability in administrator/components/comcolophon/admin.colophon.php in Colophon 1.2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================== Mambo Colophon Component = 1.2 Remote Inclusion Vulnerability ============================================================== Command Mambo Colophon =1.2 by Drago84 Found By...
Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability
No description provided by source. Command Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug:...