15 matches found
EUVD-2007-2209
Malware in sbrugna...
DMCMS 0.7 Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26169/info DMCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
CVE-2008-3720
CVE-2008-3720 describes a SQL injection vulnerability in DeeEmm CMS (DMCMS) 0.7.4, where remote attackers can execute arbitrary SQL commands through the page parameter of index.php. The vulnerability is noted as overlapping with CVE-2007-5679 (id parameter in media page), indicating a reused vuln...
CVE-2008-3721
CVE-2008-3721 affects DeeEmm CMS (DMCMS) 0.7.4. The vulnerability is a PHP remote file inclusion in user_language.php triggered by a URL in the language_dir parameter, allowing remote attackers to execute arbitrary PHP code. The NVD/CVE records consistently describe this RFI flaw with CVSS v2 bas...
DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities
No description provided by source. DeeEmm CMS Sql Injection/Rfi AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Script Download :...
dmcms-sql.txt
Aria-Security Team DMcms Sql Injection http://target.ltd/PATH/index.php?page=media&id=SQL INJECTION CODE GOES HERE Other files may have this vuln. also. Credits goes to Aria-Security Team http://Aria-Security.net The-0utl4w...
[Aria-Security.Net] dmcms.0.7.0 SQL Injection
Aria-Security Team DMcms Sql Injection http://target.ltd/PATH/index.php?page=media&id=SQL INJECTION CODE GOES HERE Other files may have this vuln. also. Credits goes to Aria-Security Team http://Aria-Security.net The-0utl4w...
deeemm CMS (dmcms) 0.7 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/26169/info DMCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, o...
deeemm CMS (dmcms) 0.7 - index.php SQL Injection
deeemm CMS dmcms 0.7 - index.php SQL Injection source: https://www.securityfocus.com/bid/26169/info DMCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
DMCMS Upload_File.PHP任意文件上传漏洞
DMCMS是一款基于PHP的WEB应用程序。 DMCMS不正确过滤用户提交的输入,远程攻击者可以利用漏洞上传任意文件并以WEB权限执行。 问题是'uploadfile.php'脚本对用户提交的WEB参数缺少过滤,可导致绕过上传文件验证机制上传恶意PHP文件,并以WEB权限执行。 DMCMS 0.6.3 Beta 漏洞提供者 ACKERS PAL...
Unrestricted file upload
Unrestricted file upload vulnerability in includes/uploadfile.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer...
CVE-2007-2214
Unrestricted file upload vulnerability in includes/uploadfile.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer...
CVE-2007-2214
Unrestricted file upload vulnerability in includes/uploadfile.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer...
CVE-2007-2214
CVE-2007-2214 describes an unrestricted file upload in DmCMS (includes/upload_file.php) that allows remote attackers to upload arbitrary PHP scripts by submitting script contents in both the File2 and File3 parameters and triggering ok.php?do=act Referer. The vulnerability enables an attacker to ...
dmcms-upload.txt
Hello Title : DmCMS Shell Upload Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] File .. includes/uploadfile.php After Giving Some conditions will allow you to upload any file you want the exploit here is the proof .. exploit : !/usr/bin/php...