27 matches found
EUVD-2010-4746
Malware in sbrugna...
EUVD-2010-4745
Malware in sbrugna...
EUVD-2010-0502
Malware in sbrugna...
CVE-2010-0471
SQL injection vulnerability in the comment submission interface includes/comment.php in Enano CMS before 1.0.6pl1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...
Enano CMS 1.1.8pl1 Cross Site Scripting
Exploit Title: EnanoCMS 1.1.8pl1 XSS Vulnerability Google Dork: "Website engine powered by Enano" Date: 24-2-2015 Exploit Author: Dennis Veninga Vendor Homepage: http://enanocms.org Version: 1.1.8pl1 Tested on: Firefox 36 & Chrome 38 / W8.1-x64 XSS Vulnerability in comments:...
enano cms 1.1.7pl1 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22709 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection...
CVE-2010-4780
SQL injection vulnerability in the checkbanlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these...
CVE-2010-4781
index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message...
Sql injection
SQL injection vulnerability in the checkbanlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these...
Design/Logic Flaw
index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message...
CVE-2010-4780
SQL injection vulnerability in the checkbanlist function in includes/sessions.php in Enano CMS 1.1.7pl1; 1.0.6pl2; and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2 allows remote attackers to execute arbitrary SQL commands via the email parameter to index.php. NOTE: some of these...
CVE-2010-4781
index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message...
CVE-2010-4780
SQL injection in Enano CMS affects the check_banlist code path (includes/sessions.php) and can be triggered via the email parameter to index.php, allowing remote execution of arbitrary SQL. Impact is SQL-level access to the application database for affected versions (1.1.7pl1, 1.0.6pl2 and possib...
CVE-2010-4781
Vulnerability summary (CVE-2010-4781) : Enano CMS versions including 1.1.7pl1 and potentially earlier builds (e.g., 1.1.8, 1.0.6pl3, 1.1.7pl2) are affected by a path-disclosure flaw in a crafted title parameter. The error message reveals the installation directory path, enabling an attacker to in...
Enano CMS 1.1.7pl1 Multiple Vulnerabilities
Exploit for php platform in category web applications =========================================== Enano CMS 1.1.7pl1 Multiple Vulnerabilities =========================================== Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: ...
Path disclosure in Enano CMS
Vulnerability ID: HTB22708 Reference: http://www.htbridge.ch/advisory/pathdisclosureinenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: Path disclosure Status: Fixed by Vendor Risk leve...
SQL Injection in Enano CMS
Vulnerability ID: HTB22709 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk level:...
enano CMS 1.1.7pl1 - Multiple Vulnerabilities
enano CMS 1.1.7pl1 - Multiple Vulnerabilities Vulnerability ID: HTB22709 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: SQL...
Enano CMS 1.1.7pl1 Path Disclosure / SQL Injection
Vulnerability ID: HTB22709 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk level:...
enano CMS 1.1.7pl1 - Multiple Vulnerabilities
Vulnerability ID: HTB22709 Reference: http://www.htbridge.ch/advisory/sqlinjectioninenanocms.html Product: Enano CMS Vendor: enanocms.org http://enanocms.org/ Vulnerable Version: 1.1.7pl1 Vendor Notification: 16 November 2010 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk level:...