9 matches found
OEcms 3.1 Cross Site Scripting
Title: ======= OEcms v3.1 - Reflected Cross-Site Scripting Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS...
Dimofinf CMS 3.0.0 Cross Site Scripting
Title: ======= Dimofinf CMS Version 3.0.0 - Reflected Cross-Site Scripting Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative...
LIFE CMS Directory Traversal
Title: ======= LIFE CMS - Directory Traversal Introduction: ============== Life Educacional comprises a set of online computer tools capable of bringing agility and control in all activities of a teaching institution, whether public or private, or basic, basic, secondary or higher education. It i...
JGI CMS 1.0 Directory Traversal
Title: ======= JGI CMS - Directory Traversal Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS features vary...
JGI CMS 1.0 Script Source Code Disclosure
Title: ======= JGI CMS - Script Source Code Disclosure Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS...
CMS Subkarma Cross Site Scripting / SQL Injection Vulnerabilities
CMS Subkarma suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data. Multiple SQL Injection & XSS on CMS SUBKARMA Risk: High CWE number: CWE-89,CWE-79 Date: 13/10/2014 Vendor: www.jttel.com.tw Author: Felipe " Renzi " Gabriel...
DuBose Web Group CMS Cross Site Scripting
Cross Site Scripting on DuBose Web Group CMS Risk: Low CWE number: CWE-79 Date: 19/04/2014 Vendor: www.duboseweb.com Author: Felipe Gabriel Renzi Contact: [email protected] Tested on Windows 8 pro Vulnerable File: product.php Exploit: http://host/path/product.php?pname=xss PoC: - Target:...
Indeziner CMS Cross Site Scripting
Cross Site Scripting on INDEZINER CMS Risk: Low CWE number: CWE-79 Date: 19/04/2014 Vendor: indeziner.com Author: Felipe Gabriel Renzi Contact: [email protected] Tested on Windows 8 pro Vulnerable File: vendorprofile.php Exploit: http://host/vendorprofile.php?vendorid=xss PoC: - Target:...
Wapoweb SQL Injection
SQL Injection on Wapoweb Risk: High CWE number: CWE-89 Date: 19/04/2014 Vendor: www.wapoweb.net Author: Felipe " Renzi " Gabriel Contact: [email protected] Tested on Windows 8 pro Vulnerable File: prodotti.php Exploit: http://www.site.com/prodotti.php?c=SQLI...