8 matches found
CVE-2013-7334
Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...
CVE-2012-6290
CVE-2012-6290 affects ImageCMS before 4.2. The vulnerability is a SQL injection in the q parameter sent to /admin/admin_search/, caused by insufficient filtration of input. If exploited, remote authenticated administrators could execute arbitrary SQL commands; CSRF could enable remote unauthentic...
SQL Injection Vulnerability in ImageCMS
Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
ImageCMS 4.0.0b - Multiple Vulnerabilities
Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
ImageCMS 4.0.0b SQL injection/ CSRF Vulnerabilities
Exploit for php platform in category web applications Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL...
ImageCMS 4.0.0b - Multiple Vulnerabilities
ImageCMS 4.0.0b - Multiple Vulnerabilities Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability...
ImageCMS 4.0.0b SQL Injection
Advisory ID: HTB23132 Product: ImageCMS Vendor: www.imagecms.net Vulnerable Versions: 4.0.0b and probably prior Tested Version: 4.0.0b Vendor Notification: December 5, 2012 Vendor Patch: January 16, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...