Lucene search
K

11 matches found

0day.today
0day.today
added 2010/11/15 12:0 a.m.41 views

JAF CMS 4.0 Upload Exploit

Exploit for php platform in category web applications ========================== JAF CMS 4.0 Upload Exploit ========================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //...

7.1AI score
Exploits0
CVE
CVE
added 2008/04/01 4:0 p.m.54 views

CVE-2008-1609

CVE-2008-1609 affects JAF CMS 4.0 RC2. Connected sources describe a remote file inclusion vulnerability whereby input in the website parameter (to forum/main.php and forum/forum.php) and the main_dir parameter (to forum/forum.php) can be used to include arbitrary files, enabling arbitrary PHP exe...

6.8CVSS7.5AI score0.41114EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Storm
added 2008/03/27 12:0 a.m.22 views

jafcms-rfi.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/03/26 12:0 a.m.15 views

JAF CMS 4.0 RC2 - Multiple Remote File Inclusions

JAF CMS 4.0 RC2 - Multiple Remote File Inclusions ??????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? From The Ash...

0.5AI score
Exploits0
CVE
CVE
added 2007/11/27 7:0 p.m.51 views

CVE-2007-6142

The CVE affects ph03y3nk just another flat file (JAF) CMS 4.0 RC2. It describes reflected Cross‑Site Scripting via the index.php show parameter and the print.php print parameter, enabling injection of arbitrary web script/HTML. The root cause is input handling in these two parameters leading to s...

4.3CVSS5.7AI score0.01022EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/03/06 1:0 a.m.34 views

CVE-2006-7127

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the maindir parameter to 1 forum/main.php and 2 forum/headlines.php...

7.5AI score0.05583EPSS
Exploits1References6
CVE
CVE
added 2007/03/06 1:0 a.m.44 views

CVE-2006-7128

CVE-2006-7128 describes a PHP remote file inclusion in JAF CMS 4.0 RC1, exploitable via the URL in the website parameter of forum.php, allowing remote code execution. The NVD CVSSv2 base score is 7.5 (HIGH) with network access, low complexity, no authentication, and partial impact on confidential...

7.5CVSS7.9AI score0.07384EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/03/06 1:0 a.m.47 views

CVE-2006-7127

CVE-2006-7127 affects the JAF CMS (versions 4.0 and 4.0 RC2). Affected component: the forum/ directory handling pages (forum/main.php and forum/headlines.php). Root cause: remote PHP code execution via a crafted URL passed to the main_dir parameter, enabling an attacker to include and run arbitra...

6.8CVSS7.6AI score0.05583EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2006/10/03 4:3 a.m.22 views

CVE-2006-5131

module/shout/jafshout.php aka the shoutbox in ph03y3nk just another flat file JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "", possibly due to a static code injection vulnerability involving admin/datainc.php...

7.5CVSS7.9AI score0.02548EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/10/02 8:0 p.m.25 views

CVE-2006-5129

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 the message parameter, and possibly other parameters, in module/shout/jafshout.php aka the shoutbox; and 2 the message body in a...

5.9AI score0.01251EPSS
Exploits0References4
CVE
CVE
added 2006/10/02 8:0 p.m.45 views

CVE-2006-5129

CVE-2006-5129 affects ph03y3nk just another flat file (JAF) CMS 4.0 RC1. The vulnerabilities are cross-site scripting in two spots: (1) module/shout/jafshout.php (the shoutbox) via the message parameter and related name/email/title/date/ldate/lname variables, and (2) the message body in a forum p...

6.8CVSS6.1AI score0.01251EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder