4 matches found
EUVD-2010-3480
Malware in sbrugna...
Sql injection
Multiple SQL injection vulnerabilities in cmswrite.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the 1 title and 2 menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication...
CVE-2010-3482
CVE-2010-3482 affects Primitive CMS 1.0.9, specifically the cms_write.php component, where multiple SQL injection vulnerabilities exist in the title and menutitle parameters. The root cause is improper input handling, enabling remote authenticated administrators to execute arbitrary SQL commands....
CVE-2010-3483
CVE-2010-3483 affects Primitive CMS 1.0.9: the file cms_write.php does not properly restrict access, enabling remote attackers to gain administrative privileges via a direct request. The description notes this vulnerability can be leveraged to perform cross-site scripting (XSS) using the title, c...