XCMS v1.83 - Remote Command Execution Exploit

Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: email protected Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example: So th...

Acal calendar 2.2.6 CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: Acal calendar Multiple Vulns Date: 11-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/acalproj/files/latest/download?source=directory Version: 2.2.6 Dork: "Calendar Admin: Edit Header and Footer" Tested o...

CVE-2006-0183

Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...