EUVD-2007-4899

Malware in sbrugna...

EUVD-2008-6998

Malware in sbrugna...

EUVD-2008-3661

Malware in sbrugna...

Malicious code in gelato-framework (npm)

The package gelato-framework was found to contain malicious code...

MAL-2025-21254 Malicious code in gelato-framework (npm)

The package gelato-framework was found to contain malicious code...

sugarfree-gelato.com Cross Site Scripting vulnerability OBB-2443260

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Gelato (index.php post) Remote SQL Injection Exploit

No description provided by source. ? Gelato SQL Injection exploit Dork: powered by gelato cms Homepage: http://gelatocms.com s 0 c r a t e x msn: s0cratexatnasadotgov greetz: D.O.M and plexinium team inisetmaxexecutiontime,0; function gettext $in = fopenphp://stdin, 'r'; $text = fgets$in, 1024;...

CVE-2008-7039

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

CVE-2008-7039

CVE-2008-7039 concerns Gelato CMS 0.95, where an XSS flaw exists in admin/comments.php via the comment content parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML when processing a comment, per the NVD description. The linked connected records corroborate t...

CVE-2008-7039

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

CVE-2008-3675

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

Directory traversal

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-3675

The CVE-2008-3675 entry concerns a directory traversal in Gelato 0.95. Affected component: classes/imgsize.php (Gelato 0.95). Vulnerable input: the img parameter, where attackers can supply ../ or full pathnames to read arbitrary files on the server. Impact is read access to arbitrary local files...

CVE-2008-3675

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

gelato CMS 0.95 - img Remote File Disclosure

gelato CMS 0.95 - img Remote File Disclosure =---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelat...

gelato CMS 0.95 (img) Remote File Disclosure Vulnerability

No description provided by source. =---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bu...

gelato CMS 0.95 - 'img' Remote File Disclosure

=---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bug : Remote File Disclosure...

gelatocms-disclose.txt

=---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bug : Remote File Disclosure...

gelato CMS 0.95 (img) Remote File Disclosure Vulnerability

Exploit for unknown platform in category web applications ========================================================== gelato CMS 0.95 img Remote File Disclosure Vulnerability ========================================================== =---------------------------------------------= = ,.:oO0^-^0Oo:....