314 matches found
CVE-2015-2679
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the 1 page parameter to index.php or 2 username parameter to gxadmin/login.php...
CVE-2015-2680
Cross-site request forgery CSRF vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php...
CVE-2015-2680
CVE-2015-2680 is a CSRF flaw in MetalGenix GeniXCMS before 0.0.2 that lets an attacker hijack administrator access by adding an admin account via gxadmin/index.php. Red Hat and OSV records describe an incomplete fix (token-based CSRF protection not validated against an Admin session), leading to ...
CVE-2015-2679
CVE-2015-2679 affects MetalGenix GeniXCMS up to version 0.0.2. The issue is due to unsanitized inputs: the page parameter in index.php and the username parameter in gxadmin/login.php are used directly in SQL queries, enabling remote SQL injection. Exploits/public PoCs exist (e.g., Exploit-DB 3632...
CVE-2015-2678
MetalGenix GeniXCMS before 0.0.2 is affected by multiple cross-site scripting (XSS) flaws. The vulnerability stems from unsanitized input in the cat parameter on gxadmin/index.php (for the categories page) and the page parameter on index.php, enabling remote attackers to inject arbitrary script/H...
GeniXCMS Multiple Vulnerabilities
GeniXCMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GeniXCMS 0.0.1 SQL Injection
GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...
GeniXCMS 0.0.1 Cross Site Scripting
GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP...
GeniXCMS 0.0.1 Cross Site Request Forgery
GeniXCMS v0.0.1 CSRF Add Admin Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
GeniXCMS 0.0.1 - Multiple Vulnerabilities GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and...
GeniXCMS v0.0.1 CSRF Add Admin Exploit
Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description The application allows users...
GeniXCMS v0.0.1 Persistent Script Insertion Vulnerability
Summary GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate PHP developer to Advanced Developer. Some manual configurations are needed to make this application to work. Description Input passed to the 'cat' PO...
GeniXCMS 0.0.1 - Multiple Vulnerabilities
GeniXCMS v0.0.1 Remote Unauthenticated SQL Injection Exploit Vendor: MetalGenix Product web page: http://www.genixcms.org Affected version: 0.0.1 Summary: GenixCMS is a PHP Based Content Management System and Framework CMSF. It's a simple and lightweight of CMSF. Very suitable for Intermediate...