24 matches found
EUVD-2026-10275
A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...
EUVD-2006-0514
Malware in sbrugna...
EUVD-2006-3125
Malware in sbrugna...
EUVD-2006-0515
Malware in sbrugna...
SQL Injection Vulnerability in the 'id[]' Parameter of Business Easy CMS
Shangyi CMS, or 31cms for short, is a drop-in microsoft public platform management system. A SQL injection vulnerability exists in Business Easy CMS. The lack of filtering of the 'id' parameter allows attackers to exploit the vulnerability to obtain sensitive information about the database...
gp easy CMS Minishop 1.5 Plugin Persistent XSS
No description provided by source. Exploit Title: gp easy CMS Minishop 1.5 plugin persistent XSS Date: july 2 2012 Exploit Author: Carlos Mario Penahos Hollmann Vendor Homepage:http://gpeasy.com/Download Software Link: http://gpeasy.com/SpecialAddonPlugins?cmd=download&id=31 Version: 1.5 The...
QuickerSite Easy CMS Database Disclosure
-------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.nullarea.net contact : AlpHaATHACKERDOTBZ script : QuickerSite Easy CMS download : null Demo : http://cupofcoffee.quickersite.com/ Exploits : --=DATABASE DISCLOSURE=--...
QuickerSite Easy CMS (QuickerSite.mdb) Database Disclosure Vulnerability
No description provided by source. -------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.nullarea.net contact : AlpHaATHACKERDOTBZ script : QuickerSite Easy CMS download : null Demo : http://cupofcoffee.quickersite.com/ Exploits : --=DATABASE...
QuickerSite Easy CMS - Database Disclosure
QuickerSite Easy CMS - Database Disclosure -------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.nullarea.net contact : AlpHaATHACKERDOTBZ script : QuickerSite Easy CMS download : null Demo : http://cupofcoffee.quickersite.com/ Exploits :...
QuickerSite Easy CMS - Database Disclosure
-------------------------------AlpHaNiX---------------------------------- Found By : AlpHaNiX website : www.nullarea.net contact : AlpHaATHACKERDOTBZ script : QuickerSite Easy CMS download : null Demo : http://cupofcoffee.quickersite.com/ Exploits : --=DATABASE DISCLOSURE=--...
QuickerSite Easy CMS (QuickerSite.mdb) Database Disclosure Vulnerability
Exploit for unknown platform in category web applications ======================================================================== QuickerSite Easy CMS QuickerSite.mdb Database Disclosure Vulnerability ========================================================================...
easycms.txt
Easy CMS 0.1.2 Php Shell Upload Vulnerabilities ---------------------------------------------------- site:http://sourceforge.net/projects/php-easy-cms/ demo:http://www.easy-cms.be/ -------------------------------------------------- Bug: 1http://victim/choosefile.php Documents Images Scripts Style...
CVE-2006-3128
choosefile.php in easy-CMS 0.1.2, when modmime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories...
CVE-2006-3128
The CVE-2006-3128 issue affects easy-CMS 0.1.2 when mod_mime is active: the upload check does not restrict filenames with multiple extensions, enabling an attacker to upload a PHP file named with a GIF extension and then access it in the Repositories directory to achieve arbitrary PHP code execut...
CVE-2006-3128
choosefile.php in easy-CMS 0.1.2, when modmime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories...
Easy CMS 0.1.2 Php Shell Upload Vulnerabilities
Easy CMS 0.1.2 Php Shell Upload Vulnerabilities ---------------------------------------------------- site:http://sourceforge.net/projects/php-easy-cms/ demo:http://www.easy-cms.be/ -------------------------------------------------- Bug: 1http://victim/choosefile.php Documents Images Scripts Style...
CVE-2006-0507
Multiple cross-site scripting XSS vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via 1 unknown attack vectors in the administrative interface and 2 input fields of the contact form...
Improper access control
Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory...
CVE-2006-0508
Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via 1 unknown attack vectors in the administrative interface and 2 input fields of the contact form...