15 matches found
EUVD-2006-1297
Malware in sbrugna...
Contrexx CMS egov Module 1.0.0 - SQL Injection
Exploit for php platform in category web applications Exploit Title: Contrexx CMS:egov moudle SQL injection Google Dork: inurl:?section=egov Date: 12/9/2016 Exploit Author: hamidreza borghei Software Link: https://www.cloudrexx.com/de/index.php?section=downloads&cmd=7&category=8 Version: 1.0.0...
Contrexx CMS egov Module 1.0.0 - SQL Injection
Contrexx CMS egov Module 1.0.0 - SQL Injection Exploit Title: Contrexx CMS:egov moudle SQL injection Google Dork: inurl:?section=egov Date: 12/9/2016 Exploit Author: hamidreza borghei Software Link: https://www.cloudrexx.com/de/index.php?section=downloads&cmd=7&category=8 Version: 1.0.0 Tested on...
Contrexx CMS egov Module 1.0.0 - SQL Injection
Exploit Title: Contrexx CMS:egov moudle SQL injection Google Dork: inurl:?section=egov Date: 12/9/2016 Exploit Author: hamidreza borghei Software Link: https://www.cloudrexx.com/de/index.php?section=downloads&cmd=7&category=8 Version: 1.0.0 Tested on: linux sql injection in id parameter:...
Contrexx CMS 1.0.x Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Contrexx CMS: crossite scripting, registration automation...
Vulnerabilities in Contrexx CMS
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Insufficient Anti-automation уязвимостях в Contrexx CMS. XSS: http://site/index.php?section=search&term=2220style=22xss:expressionalertdocument.cookie IE Insufficient Anti-Automation: На странице регистраций...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF...
CVE-2006-1293
Cross-site scripting XSS vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF...
CVE-2006-1293
Cross-site scripting XSS vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF...
CVE-2006-1293
CVE-2006-1293 describes a cross-site scripting (XSS) vulnerability in Contrexx CMS up to version 1.0.8 (and earlier) where an attacker can inject arbitrary script or HTML via the PHP_SELF query string to index.php. Affected software: Contrexx CMS (versions
Contrexx CMS Xss Vuln
------------------------------------------ Contrexx CMS Xss Vuln ------------------------------------------ Site : http://www.contrexx.com Bug : http://victim/path/index.php/"scriptalert/Soot//script Vulnerable : All Version = v1.0.8 ------------------------------------------ Source :...
Contrexx CMS 1.0.x - index.php Cross-Site Scripting
Contrexx CMS 1.0.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue t...
Contrexx CMS Xss Vuln
------------------------------------------ Contrexx CMS Xss Vuln ------------------------------------------ Site : http://www.contrexx.com Bug : http://victim/path/index.php/"scriptalert/Soot//script Example : http://www.astalavista.com/index.php/"scriptalert/Soot//script...
Contrexx CMS 1.0.x - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...