EUVD-2010-2619

Malware in sbrugna...

EUVD-2010-2618

Malware in sbrugna...

Grafik CMS 1.1.2 - Multiple CSRF Vulnerabilities

No description provided by source. !--- Title: Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities Author: 10n1z3d 10n1z3datwdotcn Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafikcms/ Download: None --- -= CSRF PoC 1 - Change Admin Password =- html head titleGrafik CMS...

Grafik CMS 1.1.2 Cross Site Request Forgery

Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafikcms/ Download: None --- -= CSRF PoC 1 - Change Admin Password =- Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User =- Grafik CMS 1.1.2 Multiple CSRF...

Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities

Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafikcms/ Download: None --- -= CSRF PoC 1 - Change Admin Password =- Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF P...

Grafik CMS 1.1.2 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafikcms/ Download: None --- -= CSRF PoC 1 - Change Admin Password =- Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User =- Grafik CMS 1.1.2 Multiple CSRF...

Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities

Exploit for php platform in category web applications ============================================== Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities ============================================== Date: Mon 12 Jul 2010 07:07:22 PM EEST Vendor: http://www.grafik-power.com/grafikcms/ Download: None -...

CVE-2010-2615

Multiple cross-site scripting XSS vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 pagemenu and 2 description parameters in an editpage action...

CVE-2010-2614

SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an editpage action...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 pagemenu and 2 description parameters in an editpage action...

Sql injection

SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an editpage action...

CVE-2010-2615

Grafik CMS 1.1.2 (admin/admin.php) contains Cross-Site Scripting (XSS) flaws that allow injection of arbitrary HTML/JS via the page_menu (settings) and description (edit_page) parameters. The vulnerability arises from input sanitization errors in /admin/admin.php. Exploitation requires the attack...

CVE-2010-2614

SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an editpage action...

CVE-2010-2614

Grafik CMS 1.1.2 (admin/admin.php) is affected by an SQL injection via the id parameter in the edit_page action. All connected sources consistently describe this vulnerability and its impact as arbitrary SQL execution on remote attackers; details on vulnerable versions beyond 1.1.2 are not explic...

CVE-2010-2615

Multiple cross-site scripting XSS vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 pagemenu and 2 description parameters in an editpage action...

Grafik CMS 1.1.2 Cross Site Scripting

Vulnerability ID: HTB22438 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingrafikcms.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...

Grafik CMS 1.1.2 SQL Injection

Vulnerability ID: HTB22440 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityingrafikcms.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vend...

Grafik CMS 1.1.2 Cross Site Scripting

Vulnerability ID: HTB22439 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingrafikcms1.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...

Grafik CMS - admin.php SQL Injection Cross-Site Scripting

Grafik CMS - admin.php SQL Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/41227/info Grafik CMS is prone to an SQL-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...

XSS vulnerability in Grafik CMS

Vulnerability ID: HTB22439 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingrafikcms1.html Product: Grafik CMS Vendor: GrafikPower Vulnerable Version: 1.1.2 and Probably Prior Versions Vendor Notification: 14 June 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed,...