18 matches found
EUVD-2017-15971
Malware in sbrugna...
EUVD-2017-15969
Malware in sbrugna...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
Fastspot BigTree CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-03387)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in Fastspot BigTree CMS version 4.1.18. An attacker can exploit this vulnerability to perform unauthorized operations with...
Cross site request forgery (csrf)
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
Cross site request forgery (csrf)
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6915
CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. The Colophon can be changed...
CVE-2017-6917
CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. The Colophon can be changed...
Mambo Colophon Component <= 1.2 - Remote Inclusion Vulnerability
No description provided by source. Command Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug:...
Colophon Component Admin.Colophon.PHP远程文件包含漏洞
Colophon是一款基于PHP的WEB应用程序。 Colophon不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'Admin.Colophon.PHP'脚本对用户提交的"mosConfigabsolutepath"参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Joomla Colophon 1.2...
colophon.txt
REMOTE COMMAND Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug: requireonce"$mosConfigabsolutepath/components/comcolophon/language/$mosConfiglang.php"; path: add in...
CVE-2006-3969
Colophon 1.2 and earlier for Joomla! has a PHP remote file inclusion vulnerability in administrator/components/com_colophon/admin.colophon.php that allows remote code execution via a URL supplied in mosConfig_absolute_path. Affected: Colophon prior to version 1.2, components likely involved inclu...
CVE-2006-3969
PHP remote file inclusion vulnerability in administrator/components/comcolophon/admin.colophon.php in Colophon 1.2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability
No description provided by source. Command Mambo Colophon =1.2 by Drago84 Found By Drago84 Exclusive Security Italian Security This bug allows a remote atacker to execute commands via rfi page: admin.colophon.php bug:...
Mambo Colophon Component <= 1.2 Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================== Mambo Colophon Component = 1.2 Remote Inclusion Vulnerability ============================================================== Command Mambo Colophon =1.2 by Drago84 Found By...