18 matches found
EUVD-2007-5786
Malware in sbrugna...
EUVD-2007-5787
Malware in sbrugna...
CONTENTCustomizer 3.1 Dialog.PHP Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26437/info CONTENTCustomizer is prone to an unauthorized access vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker could exploit this issue to delete arbitrary files,...
CONTENTCustomizer 3.1 Dialog.PHP Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26291/info CONTENTCustomizer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. CONTENTCustomizer 3.1mp is vulnerable;...
CONTENTCustomizer 3.1 - 'Dialog.php' Unauthorized Access
source: https://www.securityfocus.com/bid/26437/info CONTENTCustomizer is prone to an unauthorized access vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker could exploit this issue to delete arbitrary files, rename files, or reset the content of...
CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access
CONTENTCustomizer 3.1 - Dialog.php Unauthorized Access source: https://www.securityfocus.com/bid/26437/info CONTENTCustomizer is prone to an unauthorized access vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker could exploit this issue to delete...
CVE-2007-5817
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks...
Cross site scripting
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks...
Default credentials
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page...
CVE-2007-5816
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page...
CVE-2007-5816
The CVE-2007-5816 issue affects CONTENTCustomizer 3.1mp and earlier, where dialog.php allows a remote attacker to obtain sensitive author credentials by issuing an editauthor action and then reading the newlocalpassword input field in the resulting HTML. The underlying cause is exposure of a pass...
CVE-2007-5817
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks...
CVE-2007-5817
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks...
CVE-2007-5816
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page...
CVE-2007-5817
CVE-2007-5817 affects CONTENTCustomizer 3.1mp and earlier. The issue allows remote attackers to perform certain privileged actions via (1) del, (2) delbackup, (3) res, or (4) ren actions, and it can be leveraged to perform cross-site scripting (XSS) and possibly other attacks. Connected sources c...
CONTENTCustomizer 3.1 - Dialog.php Information Disclosure
CONTENTCustomizer 3.1 - Dialog.php Information Disclosure source: https://www.securityfocus.com/bid/26291/info CONTENTCustomizer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks...
CONTENTCustomizer 3.1 - 'Dialog.php' Information Disclosure
source: https://www.securityfocus.com/bid/26291/info CONTENTCustomizer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. CONTENTCustomizer 3.1mp is vulnerable; other versions may also be...
contentcustom-disclose.txt
CONTENTCustomizer Trick: Hit Ctrl+Y on a page that ContentCustomizer controls and it brings you to the login screen ; Dork: inurl:"generator/default.php?doc=" Other fun stuff: dialog.php?action=del&doc='+pagename // Delete dialog.php?action=delbackup&doc='+pagename // Delete Backup...