18 matches found
EUVD-2008-3170
Malware in sbrugna...
EUVD-2008-3171
Malware in sbrugna...
contentnow 1.4.1 (upload/xss) Multiple Vulnerabilities
No description provided by source. =============================================================== ContentNow CMS Upload/XSS Multiple Remote Vulnerabilities =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...
CVE-2008-3180
Multiple cross-site scripting XSS vulnerabilities in upload/file/languagemenu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter or 2 PATHINFO...
CVE-2008-3181
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in upload/file/languagemenu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter or 2 PATHINFO...
Unrestricted file upload
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/...
CVE-2008-3180
Multiple cross-site scripting XSS vulnerabilities in upload/file/languagemenu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter or 2 PATHINFO...
CVE-2008-3181
CVE-2008-3181 affects ContentNow CMS 1.4.1, where an unrestricted file upload vulnerability in upload.php allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the file in the upload/ directory. T...
CVE-2008-3180
CVE-2008-3180 affects ContentNow CMS 1.4.1. The vulnerability is described as multiple cross-site scripting (XSS) flaws in upload/file/language_menu.php, exploitable via the (1) pageid parameter or (2) PATH_INFO. The NVD entry lists a base CVSS v2 score of 4.3 (MEDIUM) with network attack vector,...
CVE-2008-3181
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/...
contentnow-uploadxss.txt
=============================================================== ContentNow CMS Upload/XSS Multiple Remote Vulnerabilities =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
ContentNow 1.4.1 - Arbitrary File Upload Cross-Site Scripting
ContentNow 1.4.1 - Arbitrary File Upload Cross-Site Scripting =============================================================== ContentNow CMS Upload/XSS Multiple Remote Vulnerabilities =============================================================== ,--^----------,--------,-----,-------^--, |...
ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting
=============================================================== ContentNow CMS Upload/XSS Multiple Remote Vulnerabilities =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ContentNow CMS 1.39 'pageid' Sql Injection + Path Disclosure Severity : Medium Risk Vendor : http://www.contentnow.mf4k.de/ Author : Revenge -------------------------------------------------- Description ContentNow is a PHP Content Management System w...
ContentNow CMS 1.39 'pageid' Sql Injection + Path Disclosure Vulnerabilities
ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities Severity : Medium risk Vendor : www.contentnow.mf4k.de Author : Alfredo 'revenge' Pesoli -------------------------------------------------- Description ContentNow is a PHP Content Management System web 2.0 compliant, more info ca...
ContentNow 1.39 - pageid SQL Injection
ContentNow 1.39 - pageid SQL Injection !/usr/bin/perl -w use IO::Socket; use strict; ContentNow "pageid" Sql Injection Version : 1.39 Url : http://www.contentnow.mf4k.de Author : Alfredo 'revenge' Pesoli Advisory : http://www.0xcafebabe.it/advisory/contentnow139sqlinjection.txt Description: The...
ContentNow 1.39 - 'pageid' SQL Injection
!/usr/bin/perl -w use IO::Socket; use strict; ContentNow "pageid" Sql Injection Version : 1.39 Url : http://www.contentnow.mf4k.de Author : Alfredo 'revenge' Pesoli Advisory : http://www.0xcafebabe.it/advisory/contentnow139sqlinjection.txt Description: The "pageid" parameter isn't properly...