30 matches found
EUVD-2010-4857
Malware in sbrugna...
festos-xenia.gr Cross Site Scripting vulnerability OBB-3518947
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
FestOs <= 2.2.1 - Multiple RFI Exploit
No description provided by source. Exploit Title: FestOs = 2.2.1 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/festos/downloads/list Version: N/A Tested on: GNU/LINUX Code : reportsplacement.php ?php $title = Jury Sheet Report;...
festos cms 2.3b Multiple Vulnerabilities
No description provided by source. Day 9 0day http://www.exploit-db.com/moaub-9-festos-cms-2-3b-multiple-remote-vulnerabilities/ Title : FestOS CMS 2.3b Multiple Remote...
CVE-2010-4893
Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action...
Cross site scripting
Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action...
CVE-2010-4893
CVE-2010-4893 : XSS vulnerability in FestOS 2.3b, affecting foodvendors.php via the details action’s category parameter, allowing remote arbitrary web-script/HTML injection. The vulnerability is documented across multiple sources (NVD/NVD entry) with no publicly provided patch details in the conn...
CVE-2010-4893
Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action...
FestOS <= 2.3c TinyBrowser File Upload Code Execution (meta)
Exploit for php platform in category remote exploits...
FestOS <= 2.3c TinyBrowser File Upload Code Execution
FestOS <= 2.3c Multiple CSRF Vulnerabilities
Exploit for php platform in category web applications...
FestOS 2.3c - upload.php Arbitrary File Upload
FestOS 2.3c - upload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/47751/info FestOS is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and r...
FestOS 2.3c - 'upload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/47751/info FestOS is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and run it in the context of the webserver process...
FestOS <= 2.3c (CSRF/FU) Multiple Vulnerabilities
Exploit for php platform in category web applications...
FestOS 2.3c XSRF / Shell Upload
Month Of Abysssec Undisclosed Bugs - FestOS CMS 2.3b
query$query; poc: in admin.php page: username: admin' or '1'='1 password: admin' or '1'='1 1.2- in festoszdologin.php: $query = "SELECT vendorID FROM ".$config'dbprefix'."vendors WHERE LCASEemail =...
festos CMS 2.3b - Multiple Vulnerabilities
festos CMS 2.3b - Multiple Vulnerabilities query$query; poc: in admin.php page: username: admin' or '1'='1 password: admin' or '1'='1 1.2- in festoszdologin.php: $query = "SELECT vendorID FROM...
festos CMS 2.3b - Multiple Vulnerabilities
query$query; poc: in admin.php page: username: admin' or '1'='1 password: admin' or '1'='1 1.2- in festoszdologin.php: $query = "SELECT vendorID FROM ".$config'dbprefix'."vendors WHERE LCASEemail =...
FestOS CMS 2.3b Multiple Remote Vulnerabilities
Exploit for php platform in category web applications. FestOS CMS 2.3b Multiple Remote Vulnerabilities. Title : FestOS CMS 2.3b Multiple Remote Vulnerabilities Affected Version : query$query; poc: in...
XSS vulnerability in FestOS
Vulnerability ID: HTB22472 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinfestos.html Product: FestOS Vendor: Skypanther Studios, Inc http://festengine.org/ Vulnerable Version: 2.3b and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...