47 matches found
EUVD-2017-18758
Malware in sbrugna...
EUVD-2008-4138
Malware in sbrugna...
EUVD-2008-6166
Malware in sbrugna...
File Upload Vulnerability in easySite Content Management System
CSCL is a provider of artificial intelligence technology and informatization software and platforms. A file upload vulnerability exists in easySite Content Management System, which can be exploited by attackers to gain control of the server...
Ideagen Easysite SQL Injection Vulnerability
Ideagen Easysite is a web content management system from Ideagen UK. A SQL injection vulnerability exists in the CInfoService.asmx file of WebServices in Ideagen Easysite version 7.0. The vulnerability can be exploited by remote attackers to execute arbitrary SQL commands via a specially crafted...
Sql injection
SQL injection vulnerability in CInfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element...
CVE-2017-9848
SQL injection vulnerability in CInfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element...
CVE-2017-9848
SQL injection vulnerability in CInfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element...
CVE-2017-9848
SQL injection vulnerability in CInfoService.asmx in WebServices in Easysite 7.0 could allow remote attackers to execute arbitrary SQL commands via an XML document containing a crafted ArticleIDs element within a GetArticleHitsArray element...
CVE-2017-9848
CVE-2017-9848 affects Ideagen Easysite 7.0, specifically the WebServices component C_InfoService.asmx. A SQL injection vulnerability exists in GetArticleHitsArray when processing a crafted XML document containing a targeted ArticleIDs element, enabling remote attackers to execute arbitrary SQL co...
SQL Injection Vulnerability in EasySite WebService Interface
easySite Content Management System is a professional portal content management system developed and completed by ZKHUILIAN. EasySite WebService interface SQL injection vulnerability, the vulnerability stems from the WebService WSDL interface fails to submit sufficient data filtering caused by an...
easysite内容管理系统某简单粗暴的SQL注入
简要描述: web services是不会骗人的! 大量gov站点采用了easysite内容管理系统。 详细说明: 1.soap注入 easysite webservice 文件: http://www.py.gov.cn/DesktopModules/CInfo/WebService/CInfoService.asmx 2.ArticleIDs参数存在SQL注入漏洞 随便找个放sqlmap里跑吧 POST /DesktopModules/CInfo/WebService/CInfoService.asmx HTTP/1.1 Host: dynamic.xmedu.gov.cn...
EasySite 2.0 - browser.php EASYSITE_BASE Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28563/info EasySite is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and th...
EasySite 2.0 - image_editor.php EASYSITE_BASE Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28563/info EasySite is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and th...
EasySite 2.0 - skin_chooser.php EASYSITE_BASE Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28563/info EasySite is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and th...
easysite 2.3 - Multiple Vulnerabilities
No description provided by source. + EasySite v2.3 Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin ,ToxicBlood,MesSiAH,xZu,HrN + Local File Inclusion...
AlberT-EasySite <= 1.0a5 (PSA_PATH) Remote File Include Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - AES: AlberT-EasySite = 1.0a5 Remote File Include Vulnerability + + + - Script name: AES: AlberT-EasySite v. 1.0a5 - Script site:...
easySite内容管理系统FCKeditor上传任意类型文件
简要描述: 早有人搞了 在网上没见公开的.. 详细说明: 漏洞证明:...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the EASYSITEBASE parameter to 1 browser.php, 2 imageeditor.php and 3 skinchooser.php in configuration/. NOTE: the provenance of this information is...
CVE-2008-6196
Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the EASYSITEBASE parameter to 1 browser.php, 2 imageeditor.php and 3 skinchooser.php in configuration/. NOTE: the provenance of this information is...