CompactCMS 1.4.1 - SQL Injection

CompactCMS 1.4.1 - SQL Injection Vulnerability ID: HTB22697 Reference: http://www.htbridge.ch/advisory/sqlinjectionincompactcms.html Product: CompactCMS Vendor: compactcms.nl http://www.compactcms.nl/ Vulnerable Version: 1.4.1 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injectio...

CompactCMS 1.4.1 - SQL Injection

Vulnerability ID: HTB22697 Reference: http://www.htbridge.ch/advisory/sqlinjectionincompactcms.html Product: CompactCMS Vendor: compactcms.nl http://www.compactcms.nl/ Vulnerable Version: 1.4.1 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...

Multiple Vulnerabilities in CompactCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CompactCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in CompactCMS 1.1 The vulnerability exists due to input sanitation error i...

Cross-site Scripting (XSS) Vulnerability in CompactCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in CompactCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in CompactCMS The vulnerability exists due to input sanitation error in the "keywords" parameter in...

CompactCMS 1.4.0 Remote File Upload

dear sir or madam ITSecTeam has found new vulnerability in CompactCMS 1.4.0 tinymce In the following contain some information about the bug best regards [email protected] Technical Manager Title: CompactCMS 1.4.0 tinymce Remote File Upload Vendor: http://www.compactcms.nl/ AUTHOR: ITSecTeam Email:...

CompactCMS 1.4.0 - tiny_mce Arbitrary File Upload

CompactCMS 1.4.0 - tinymce Arbitrary File Upload Title: CompactCMS 1.4.0 tinymce Remote File Upload Vendor: http://www.compactcms.nl/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...

CompactCMS 1.4.0 - 'tiny_mce' Arbitrary File Upload

Title: CompactCMS 1.4.0 tinymce Remote File Upload Vendor: http://www.compactcms.nl/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability52.htm Thanks: r3dm0v3, pejvak,...

CompactCMS 1.4.0 (tiny_mce) Remote File Upload

Exploit for php platform in category web applications ============================================== CompactCMS 1.4.0 tinymce Remote File Upload ============================================== Title: CompactCMS 1.4.0 tinymce Remote File Upload Vendor: http://www.compactcms.nl/ AUTHOR: ITSecTeam...

CVE-2008-4909

CVE-2008-4909 refers to a CSRF vulnerability in CompactCMS 1.1 and earlier, allowing remote attackers to perform unauthorized actions as legitimate users via unspecified vectors. The connected documents reiterate the same description without detailing affected versions beyond “1.1 and earlier,” n...

CVE-2008-4909

Cross-site request forgery CSRF vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors...

CVE-2008-4909

Cross-site request forgery CSRF vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in CompactCMS 1.1 and earlier allows remote attackers to perform unauthorized actions as legitimate users via unspecified vectors...