30 matches found
EUVD-2015-1509
Malware in sbrugna...
EUVD-2015-1511
Malware in sbrugna...
EUVD-2015-1510
Malware in sbrugna...
EUVD-2015-1508
Malware in sbrugna...
CVE-2015-1371
Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in custom/uploads/...
CVE-2015-1374
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to hijack the authentication of administrators for requests that conduct 1 cross-site scripting XSS, 2 SQL injection, or 3 unrestricted file upload attacks...
CVE-2015-1372
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...
CVE-2015-1373
Multiple cross-site scripting XSS vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the 1 action parameter in a search request, 2 username in a login request, which is not properly handled when logging the event, or 3 page titl...
ferretCMS cross-site scripting vulnerability (CNVD-2016-03510)
FerretCMS is a content management system. A cross-site scripting vulnerability exists in FerretCMS due to a failure to validate user input effectively. An attacker is able to execute malicious script code on the affected site...
FerretCMS 'admin.php' Cross-Site Scripting Vulnerability
FerretCMS is a content management system CMS based on PHP and MySQL. The system provides features such as page management, template management and user management. A cross-site scripting vulnerability exists in FerretCMS, which stems from the program's failure to adequately filter user-submitted...
FerretCMS 2.0.2-alpha - CSRF / Full Path Disclosure Vulnerabilities
Exploit for php platform in category web applications Title : FerretCMS 2.0.2-alpha - Exploit CSRF Vulnerability Author : ZwX Date : 24/02/2015 Download : https://codeload.github.com/JRogaishio/ferretCMS/zip/master Vendor : https://github.com/JRogaishio Level Security : Hight Tested on : Windows ...
Multiple Cross-Site Request Forgery Vulnerabilities in FerretCMS
FerretCMS is a content management system. FerretCMS has multiple cross-site request forgery vulnerabilities that could be exploited by attackers to perform unauthorized operations and access...
FerretCMS Arbitrary File Upload Vulnerability
FerretCMS is a content management system. An arbitrary file upload vulnerability exists in FerretCMS, which could be exploited by an attacker to upload arbitrary files...
Multiple HTML Injection Vulnerabilities in FerretCMS
FerretCMS is a content management system. Multiple HTML injection vulnerabilities exist in FerretCMS, which could be exploited by an attacker to execute arbitrary HTML and script code in the context of an affected application...
FerretCMS Cross-Site Scripting Vulnerability
FerretCMS is a content management system. A cross-site scripting vulnerability exists in FerretCMS that allows an attacker to steal cookie-based authentication credentials...
CVE-2015-1374
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to hijack the authentication of administrators for requests that conduct 1 cross-site scripting XSS, 2 SQL injection, or 3 unrestricted file upload attacks...
CVE-2015-1373
Multiple cross-site scripting XSS vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to inject arbitrary web script or HTML via the 1 action parameter in a search request, 2 username in a login request, which is not properly handled when logging the event, or 3 page titl...
CVE-2015-1372
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...
Unrestricted file upload
Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in custom/uploads/...
Sql injection
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php...