25 matches found
EUVD-2007-1971
Malware in sbrugna...
EUVD-2005-0797
Malware in sbrugna...
EUVD-2005-0796
Malware in sbrugna...
HolaCMS 1.2.x/1.4.x Voting Module Directory Traversal Remote File Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12799/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This issue is similar to the vulnerability described in BID 12789 HolaCMS Voting Module Remote File Corruption...
HolaCMS 1.2.x HTMLtags.PHP Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8416/info A file include vulnerability has been reported in the htmltags.php module of HolaCMS. This problem may allow an attacker to access potentially sensitive information reserved for adminstration. It has also been...
HolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12789/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This is due an input validation error that allows users to submit voting data to an attacker-specified file. It ha...
CVE-2007-1977
Cross-site scripting XSS vulnerability in indexcms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter...
CVE-2007-1977
Cross-site scripting XSS vulnerability in indexcms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in indexcms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter...
CVE-2007-1977
CVE-2007-1977 describes a Cross-Site Scripting (XSS) vulnerability in holaCMS 1.4.10, specifically in index_cms.php where the acuparam parameter can be exploited to inject arbitrary script/HTML. Affected software is holaCMS 1.4.10; the vulnerable component is index_cms.php. The root cause is impr...
CVE-2007-1977
Cross-site scripting XSS vulnerability in indexcms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter...
[MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue
MajorSecurity Advisory 37HolaCMS - Cross Site Scripting Issue Details ======= Product: holaCMS-1.4.10 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.hola.com/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...
CVE-2005-0796
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. dot dot in the votefilename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory...
CVE-2005-0795
HolaCMS 1.4.9 is affected by CVE-2005-0795 due to insufficient access restriction in the holaDB/votes directory, allowing a remote attacker to overwrite arbitrary files via a manipulated vote_filename parameter. The impact described is the ability to modify files on the server; exploitation detai...
CVE-2005-0796
CVE-2005-0796 is a directory traversal vulnerability in HolaCMS 1.4.9-1. An attacker can overwrite arbitrary files by injecting a path like holaDB/votes/.. into the vote_filename parameter, bypassing the directory check. The NVD entry documents this vulnerability and its impact as partial integri...
CVE-2005-0796
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. dot dot in the votefilename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory...
CVE-2005-0795
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified votefilename parameter...
holaCMS149.txt
-------------------------------------------------------------------- Virginity Security Advisory 2005-001 - - - -------------------------------------------------------------------- DATE : 2005-03-12 15:45 GMT TYPE : remote VERSIONS AFFECTED : Of course you'll have to edit target and...
CVE-2005-0795
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified votefilename parameter...
HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption
HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption source: https://www.securityfocus.com/bid/12799/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This issue is similar to the vulnerability described in BID 12789...