FineCMS 1.0 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: FineCMS 1.0 Multiple Vulnerabilities Dork: N/A Date: 29.08.2017 Vendor Homepage : http://mvc.net.pl/ Software Link: https://github.com/andrzuk/FineCMS Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Explo...

CVE-2017-11198

Cross-site scripting XSS vulnerability in /application/lib/ajax/getimage.php in FineCMS through 2017-07-12 allows remote attackers to inject arbitrary web script or HTML via the folder, id, or name parameter...

FineCMS multi vulnerablity

Reflected XSS in getimage.php Technical Description: file /application/lib/ajax/getimage.php the $POST'id' and $POST'name' and $GET'folder' without any validated, sanitised or output encoded. Proof of ConceptPoC http://yourfinecms/application/lib/ajax/getimage.php?folder=1 POST: id=1"alert1&name=...

Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure

!/usr/bin/python Date : 20/01/2008 Author : Julien CAYSSOL import sys, urllib2,re useragent = 'Mozilla/6.0 compatible; MSIE 6.0; Windows NT' headers = 'User-Agent' : useragent , 'Accept-Charset' : 'ISO-8859-15' if name == "main": if lensys.argv==2: host = sys.argv1 print " + Host : " + host url =...

Centreon <= 1.4.2.3 (get_image.php) Remote File Disclosure Exploit

Exploit for unknown platform in category web applications ================================================================== Centreon = 1.4.2.3 getimage.php Remote File Disclosure Exploit ================================================================== !/usr/bin/python Date : 20/01/2008 Author ...