66 matches found
EUVD-2007-2611
Malware in sbrugna...
EUVD-2007-6659
Malware in sbrugna...
EUVD-2007-1843
Malware in sbrugna...
EUVD-2008-6445
Malware in sbrugna...
EUVD-2007-1842
Malware in sbrugna...
EUVD-2007-1844
Malware in sbrugna...
EUVD-2008-1378
Malware in sbrugna...
Drake CMS 0.4.11 RC8 - 'd_root' Parameter Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28165/info Drake CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...
Drake CMS 0.3.7 404.PHP Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23215/info Drake CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...
Drake CMS <= 0.4.11 Remote Blind SQL Injection Exploit
No description provided by source. ?php / ------------------------------------------------------ Drake CMS = 0.4.11 Remote Blind SQL Injection Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://drakecms.sourceforge.net...
Drake CMS 0.2 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source...
Drake CMS < 0.2.3 ALPHA rev.916 Remote File Inclusion Vulnerability
No description provided by source. Coding 4 Fun c4f.pl Drake CMS v0.2.2 ALPHA rev.846 http://drakecms.org ; Class = Remote File Inclusion ; Download = https://sourceforge.net/project/showfiles.php?groupid=166901&packageid=192077&releaseid=420102 ; Found by = GregStar gregstaratc4fdotpl ;...
Drake CMS 0.4.9 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27459/info Drake CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Lanius CMS <= 0.5.2 Remote Arbitrary File Upload Exploit
Exploit for unknown platform in category web applications ======================================================== Lanius CMS = 0.4.6 and Lanius CMS $maxsz 53. return sprintfUPLOADTOOBIG, convertbytes$filesz, convertbytes$maxsz; 54. 55. $thyname = basenameurldecode$FILES$elem'name'; 56. if...
CVE-2008-6475
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php...
SQL injection
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php...
CVE-2008-6475
CVE-2008-6475 affects Drake CMS up to version 0.4.11, where the guestbook component (components/guestbook/guestbook.php) is vulnerable. An attacker can trigger a SQL injection by sending a crafted HTTP_VIA header to index.php, enabling remote execution of arbitrary SQL commands. The available doc...
CVE-2008-6475
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php...
drakecms-sql.txt
gid 17. if '' === $gbname = in'gbname', SQL | NOHTML, $POST, '', 50 18. || '' === $gbemail = in'gbemail', SQL | NOHTML, $POST, '', 50 19. || !isemail$gbemail 20. 21. CMSResponse::BackFORMNC; 22. else 23. $gbname = $my-name; 24. $gbemail = $my-email; 25. 26. 27. $timeout = $params-get'timeout',5;...
Drake CMS <= 0.4.11 Remote Blind SQL Injection Exploit
No description provided by source. ?php / ------------------------------------------------------ Drake CMS = 0.4.11 Remote Blind SQL Injection Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://drakecms.sourceforge.net...