EUVD-2009-2265

Malware in sbrugna...

EUVD-2018-12863

Malware in sbrugna...

Empire CMS core encryption algorithm has logic flaws

Empire CMS it is based on B/S structure, Empire CMS-logo easy-to-use website management system. It is a well-designed and efficient website solution for Linux/windows/Unix and other environments. Empire CMS core encryption algorithm has a logical loophole, attackers can use the vulnerability to...

Imperial cms background exists arbitrary file deletion vulnerability

Empire CMS is a content management system CMS. An arbitrary file deletion vulnerability exists in the backend of Empire cms, which can be exploited by an attacker to delete arbitrary files...

Code injection

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file...

CVE-2018-20300

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file...

CVE-2018-20300

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file...

CVE-2018-20300

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file...

CVE-2018-20300

Empire CMS 7.5 is affected by CVE-2018-20300. A remote attacker can execute arbitrary PHP code by supplying a crafted ftemp parameter in the enews=EditMemberForm action, because the code is injected into a memberform.$fid.php file. Affected component: the enews EditMemberForm flow in Empire CMS 7...

Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability

No description provided by source. Empire CMS =3.7 checklevel.php Remote File Include Vulnerability Find by: Bob Linuson Code: 2 $includefile=$checkpath.e/class/MemberLevel.php; 3 include$includefile; ..... 67 include$checkpath.e/class/connect.php; 68 include$checkpath.e/class/dbsql.php; 69...

Empire CMS checklevel.php check_path Parameter PHP Code Execution - Ver2 (CVE-2006-4354)

A code execution vulnerability has been reported in Phome Empire CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Empire CMS checklevel.php check_path Parameter PHP Code Execution - Ver2 (CVE-2006-4354)

A code execution vulnerability has been reported in Phome Empire CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Empire cms 7.0 background to get shell-vulnerability warning-the black bar safety net

Empire CMS7. 0 background can upload the mod suffix PHP file and execute inside php code. Into the backgroundit! Method a: system data tables with the system model-management data table and then randomly selected one data table, open the corresponding data table of the“management system model”as...

Empire CMS(EmpireCMS)commodity rate plugin injection vulnerability-vulnerability warning-the black bar safety net

Since the parameters of the variables not to initialize the detection result pf\rate.php and pf\ratemovie.php in the variable $id exists injection risk. $id = $GET"id"; $query = "SELECT infopfen,infopfennum FROM phomeecmsshop WHERE id=$id"; $result = mysqlquery$query; $v = $GET"v"; $id =$GET"id";...

Empire CMS backstage password reset vulnerability-vulnerability warning-the black bar safety net

5.0 and previous versions: use phpmyadmin to modify the phomeenewsuser table, the password field is set to the value: e10adc3949ba59abbe56e057f20f883e The password is: 1 2 3 4 5 6 Version 5.1: use phpmyadmin to modify the phomeenewsuser table of the record: the password field value is set...

Empire CMS backstage password reset vulnerability-vulnerability warning-the black bar safety net

5.0 and previous versions: use phpmyadmin to modify the phomeenewsuser table, the password field is set to the value: e10adc3949ba59abbe56e057f20f883e The password is: 1 2 3 4 5 6 Version 5.1: use phpmyadmin to modify the phomeenewsuser table of the record: the password field value is set...

Empire cms the latest version of the background to get webshell method-vulnerability warning-the black bar safety net

Don't know who did the hair too. Anyway yesterday I get a station of their own. Must share out it!!!! Due to my day that Station is the Empire cms 6.6 the latest version, so the Internet to find some of the methods are failure! Custom pages-added custom page-feel free to write a xxx. php file nam...

Empire cms backstage to get a shell vulnerability and fix-vulnerability warning-the black bar safety net

The first method: add a custom page 6.0 on experiment success Template management - add custom page - page name casually--file name: xx. asp;. html--the page content--pony copy the contents into it Save the post and then the Admin page Click you can go see your horse, generally in the root...

Empire CMS 47 SQL Injection

No description provided by source. ?php printr" +------------------------------------------------------------------+ Application Info: Name: EmpireCMS47 -------------------------------------------- Discoverd By: Securitylab.ir Contacts: info@securitylabdotir Note: just work as php=5&mysql=4.1...

Empire CMS guestbook multibyte vulnerability-vulnerability warning-the black bar safety net

Author: dark gray Find used Empire CMS station,the site behind a directly applied:e/tool/gbook/? bid=1 Out is Empire CMS the guestbook,in the name of writing:缞\ Contact email at:,1,1,1,select concatusername,0×5f,password,0×5f,rnd from phomeenewsuser where userid=1,1,1,1,0,0,0/ After the submissio...