CVE-2018-10523

CMS Made Simple CMSMS through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajaxgettemplates.php, /modules/DesignManager/action.ajaxgetstylesheets.php, /modules/FileManager/dunzip.php, or /modules/FileManager/untgz.php...

PT-2024-5676 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS filemanager module affected versions not specified Description: The issue is related to a cross-site request forgery vulnerability in the filemanager module of the Netcat CMS system. This could allow a remote attacker to execute...

PT-2024-5678 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS affected versions not specified Description: The issue exists due to a lack of protection for the web page structure in the filemanager module of the Netcat CMS system. This allows a remote attacker to execute arbitrary JavaScript...

CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit

No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....:...

CVE-2012-3805

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...

CVE-2008-2267

The CVE-2008-2267 entry concerns CMS Made Simple (CMSMS) 1.2.4 and earlier, where the FileManager module’s Postlet component (javaUpload.php) uses an incomplete blacklist. This allows remote attackers to upload a file whose name ends with extensions such as .jsp, .php3, .cgi, .dhtml, .phtml, .php...

CMS Made Simple &lt;= 1.2.4 (FileManager module) File Upload Exploit

No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX...

cmsmadesimple-upload.txt

?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit

Exploit for unknown platform in category web applications ================================================================= CMS Made Simple = 1.2.4 FileManager module File Upload Exploit ================================================================= ?php /...

CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload

?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...