12 matches found
EUVD-2006-0734
Malware in sbrugna...
EUVD-2006-0733
Malware in sbrugna...
CVE-2006-0726
Cross-site scripting XSS vulnerability in linking.php in CPG-Nuke Dragonfly CMS 9.0.6.1 allows remote attackers to inject arbitrary web script or HTML via a URI that is generated when creating a list of online users...
Cross site scripting
Cross-site scripting XSS vulnerability in linking.php in CPG-Nuke Dragonfly CMS 9.0.6.1 allows remote attackers to inject arbitrary web script or HTML via a URI that is generated when creating a list of online users...
CVE-2006-0727
CVE-2006-0727 describes a SQL injection in mstrack.php of MusOX DF MSAnalysis (DFMSA), used with CPG-Nuke Dragonfly CMS. An attacker can trigger path disclosure via a SQL syntax error and may be able to execute arbitrary SQL commands. The affected software is MusOX DF MSAnalysis as used in Dragon...
CVE-2006-0726
CVE-2006-0726 is an XSS vulnerability in linking.php of CPG-Nuke Dragonfly CMS 9.0.6.1. The issue allows remote attackers to inject arbitrary web script or HTML via a URI that is generated when creating a list of online users. Affected component: linking.php within Dragonfly CMS 9.0.6.1. The conn...
CVE-2006-0726
Cross-site scripting XSS vulnerability in linking.php in CPG-Nuke Dragonfly CMS 9.0.6.1 allows remote attackers to inject arbitrary web script or HTML via a URI that is generated when creating a list of online users...
CVE-2006-0644
Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS aka CPG Dragonfly CMS 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in 1 the newlang parameter and 2 the installlang...
Directory traversal
Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS aka CPG Dragonfly CMS 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in 1 the newlang parameter and 2 the installlang...
CVE-2006-0644
Dragonfly CMS (CPG-Nuke) 9.0.6.1 contains multiple directory traversal vulnerabilities in install.php that allow remote attackers to include and execute arbitrary local files. The issue arises from insufficient validation of the newlang parameter and the installlang cookie, which can be exploited...
CVE-2006-0644
Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS aka CPG Dragonfly CMS 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in 1 the newlang parameter and 2 the installlang...
CPG Dragonfly Multiple XSS
The version of CPG Dragonfly / CPG-Nuke CMS installed on the remote host suffers from multiple cross-site scripting vulnerabilities due to its failure to sanitize user-input to several variables in various modules. An attacker can exploit these flaws to steal cookie-based authentication credentia...