52 matches found
EUVD-2009-0538
Malware in sbrugna...
EUVD-2012-1911
Malware in sbrugna...
EUVD-2008-3701
Malware in sbrugna...
EUVD-2009-1255
Malware in sbrugna...
CVE-2012-1901
Multiple cross-site request forgery CSRF vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to 1 hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or 2 hijack the authentication of administrators for requests...
FlexCMS 3.2.1 - Multiple CSRF Vulnerabilities
No description provided by source. +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : FlexCMS 3.2.1 Multiple CSRF Date : 16-03-2012 Author : Ivano Binetti http://www.ivanobinetti.com...
FlexCMS 2.5 'CookieUsername' Cookie Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36179/info FlexCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
FlexCMS 2.5 'inc-core-admin-editor-previouscolorsjs.php' Cross-Site Scripting Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-85553' vul ID version = '1' author = 'fenghh' vulDate =...
FlexCMS 3.2.1 - Persistent XSS for logged in users
No description provided by source. Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In the main pag...
CVE-2012-1901
Multiple cross-site request forgery CSRF vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to 1 hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or 2 hijack the authentication of administrators for requests...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to 1 hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or 2 hijack the authentication of administrators for requests...
CVE-2012-1901
Summary of CVE-2012-1901 (CONTEXT: FlexCMS) Vulnerable software: FlexCMS versions 3.2.1 and earlier.Root cause / vulnerability type: Cross-site request forgery (CSRF) vulnerabilities.Impacted actions: An attacker can hijack authentication for (1) users changing account settings via a request to i...
CVE-2012-1901
Multiple cross-site request forgery CSRF vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to 1 hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or 2 hijack the authentication of administrators for requests...
FlexCMS 3.2.1 Cross Site Scripting
Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In the main page of the webiste, there is "Users...
FlexCMS 3.2.1 Cross Site Request Forgery
+---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : FlexCMS 3.2.1 Multiple CSRF Date : 16-03-2012 Author : Ivano Binetti http://www.ivanobinetti.com Software link :...
FlexCMS 3.2.1 Multiple CSRF Vulnerabilities
Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : FlexCMS 3.2.1 Multiple CSRF Date : 16-03-2012 Author : Ivano Binetti...
FlexCMS 3.2.1 - Persistent Cross-Site Scripting
Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In the main page of the webiste, there is "Users...
FlexCMS 3.2.1 - Persistent Cross-Site Scripting
FlexCMS 3.2.1 - Persistent Cross-Site Scripting Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In...
FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities
FlexCMS 3.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities +---------------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : FlexCMS 3.2.1 Multiple CSRF Date : 16-03-2012 Author : Ivano...
FlexCMS 3.2.1 for logged in users XSS
Exploit for php platform in category web applications Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this...