Lucene search
+L

75 matches found

Cvelist
Cvelist
added 2007/11/27 7:0 p.m.27 views

CVE-2007-6142

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC2 allow remote attackers to inject arbitrary web script or HTML via the 1 show parameter to index.php and the 2 print parameter to print.php. NOTE: the provenance of this information is unknown; the...

5.7AI score0.01022EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2007/05/03 12:0 a.m.32 views

jafcms-xss.txt

JAF CMS - 4.0 Cross Site Scripting Vulnerability Source: http://sourceforge.net/projects/jaf-cms/ Author: Arham Muhammad POC: http://site/path/index.php?show="alert/xss/; There Is No Sign Of Filteration In Jaf-Cms, Making It Prune To Xss And Session Hijacking!...

7.4AI score
Exploits0
NVD
NVD
added 2007/03/06 1:19 a.m.24 views

CVE-2006-7128

PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter...

7.5CVSS7.5AI score0.07384EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/03/06 1:0 a.m.24 views

CVE-2006-7128

PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter...

7.5AI score0.07384EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/03/06 1:0 a.m.35 views

CVE-2006-7127

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the maindir parameter to 1 forum/main.php and 2 forum/headlines.php...

7.5AI score0.05583EPSS
Exploits1References6
CVE
CVE
added 2007/03/06 1:0 a.m.44 views

CVE-2006-7128

CVE-2006-7128 describes a PHP remote file inclusion in JAF CMS 4.0 RC1, exploitable via the URL in the website parameter of forum.php, allowing remote code execution. The NVD CVSSv2 base score is 7.5 (HIGH) with network access, low complexity, no authentication, and partial impact on confidential...

7.5CVSS7.9AI score0.07384EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/03/06 1:0 a.m.48 views

CVE-2006-7127

CVE-2006-7127 affects the JAF CMS (versions 4.0 and 4.0 RC2). Affected component: the forum/ directory handling pages (forum/main.php and forum/headlines.php). Root cause: remote PHP code execution via a crafted URL passed to the main_dir parameter, enabling an attacker to include and run arbitra...

6.8CVSS7.6AI score0.05583EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2006/12/27 12:0 a.m.14 views

JAF CMS Forum.PHP远程文件包含漏洞

Salims Softhouse JAF CMS是一款基于PHP的内容管理程序。 Salims Softhouse JAF CMS不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Forum.PHP'脚本对用户提交的'applAPPL'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Salims Softhouse JAF CMS 4.0 RC1 Salims Softhouse JAF CMS 3.0 RC Salims Softhouse JAF CMS 2.5 Salims Softhous...

7AI score
Exploits0
securityvulns
securityvulns
added 2006/10/05 12:0 a.m.40 views

JAF CMS Remote file include (website)

=========================================================================================== JAF CMS Remote file include website =========================================================================================== Script name : JAF CMS Version : 4.0...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2006/10/04 12:0 a.m.12 views

JAF CMS 4.0 RC1 - Multiple Remote File Inclusions

JAF CMS 4.0 RC1 - Multiple Remote File Inclusions =========================================================================================== JAF CMS Remote file include website =========================================================================================== Script name : JAF CMS Versi...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2006/10/04 12:0 a.m.12 views

JAF CMS <= 4.0 RC1 Multiple Remote File Include Vulnerabilities

No description provided by source. =========================================================================================== JAF CMS Remote file include website =========================================================================================== Script name : JAF CMS Version : 4.0...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/10/04 12:0 a.m.19 views

JAF CMS <= 4.0 RC1 Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== JAF CMS = 4.0 RC1 Multiple Remote File Include Vulnerabilities ===============================================================...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/04 12:0 a.m.44 views

JAF CMS 4.0 RC1 - Multiple Remote File Inclusions

=========================================================================================== JAF CMS Remote file include website =========================================================================================== Script name : JAF CMS Version : 4.0...

7.4AI score
Exploits0
NVD
NVD
added 2006/10/03 4:3 a.m.15 views

CVE-2006-5129

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via 1 the message parameter, and possibly other parameters, in module/shout/jafshout.php aka the shoutbox; and 2 the message body in a...

6.8CVSS5.9AI score0.01251EPSS
Exploits0References4
NVD
NVD
added 2006/10/03 4:3 a.m.23 views

CVE-2006-5131

module/shout/jafshout.php aka the shoutbox in ph03y3nk just another flat file JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "", possibly due to a static code injection vulnerability involving admin/datainc.php...

7.5CVSS7.9AI score0.02548EPSS
Exploits0References3
NVD
NVD
added 2006/10/03 4:3 a.m.24 views

CVE-2006-5130

Multiple cross-site scripting XSS vulnerabilities in ph03y3nk just another flat file JAF CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 url, 3 title, and 4 about parameters in a forum post. NOTE: the provenance of this information is unknown; the detai...

6.8CVSS5.7AI score0.01143EPSS
Exploits0References1
seebug.org
seebug.org
added 2006/10/03 12:0 a.m.42 views

JAF CMS &lt;= 4.0 RC1 (forum.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/10/03 12:0 a.m.15 views

JAF CMS 4.0 RC1 - forum.php Remote File Inclusion

JAF CMS 4.0 RC1 - forum.php Remote File Inclusion !/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/03 12:0 a.m.34 views

JAF CMS 4.0 RC1 - &#039;forum.php&#039; Remote File Inclusion

!/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+ +:+:+ +:+ ++ +++:++ +++:++++: ++...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/10/03 12:0 a.m.43 views

JAF CMS <= 4.0 RC1 (forum.php) Remote File Include Exploit

Exploit for unknown platform in category web applications ========================================================== JAF CMS = 4.0 RC1 forum.php Remote File Include Exploit ========================================================== !/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :...

7.1AI score
Exploits0
Rows per page
Query Builder