29 matches found
EUVD-2011-4489
Malware in sbrugna...
CVE-2011-4563
Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...
jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection
No description provided by source. Exploit Title: JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection Date: 7-2-2011 Author: Saif El-Sherei Software Link: http://php.opensourcecms.com/scripts/redirect/download.php?id=480 Version: JAKCMS PRO 2.0 RC5 and probably earlier version Teste...
JAKCMS PRO <= 2.2.5 - Remote Arbitrary File Upload Exploit
No description provided by source...
JAKCMS <= 2.01 - Code Execution Exploit
No description provided by source. !/usr/bin/python JAKCMS = v2.01 Code Execution Exploit Explanation: During the authentication process, a check is performed to ensure that the user accessing the page is not already logged in. This process is done by validating the cookies set in the browser as...
JAKCMS PRO 2.2.6 - 'uploader.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/54238/info JAKCMS PRO is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code an...
JAKCMS 2.2.6 Shell Upload
JAKCMS PRO 2.2.6 - uploader.php Arbitrary File Upload
JAKCMS PRO 2.2.6 - uploader.php Arbitrary File Upload source: https://www.securityfocus.com/bid/54238/info JAKCMS PRO is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...
JAKCMS PRO Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications...
CVE-2011-4563
Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...
Cross site scripting
Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...
CVE-2011-4563
CVE-2011-4563 affects JAKCMS web app: XSS in index.php affecting 2.0.4.1 and possibly earlier versions up to 2.2.6, exploitable via the userpost parameter in a PM request and related to tinymce. The concrete vulnerability is a cross-site scripting flaw that allows remote attackers to inject arbit...
CVE-2011-4563
Cross-site scripting (XSS) vulnerability in index.php in JAKCMS 2.0.4.1, and possibly other versions before 2.2.6 2011-09-23, allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. NOTE: some of these details are obtained from...
PT-2011-4991 · Jakcms +1 · Jakcms +1
Name of the Vulnerable Software and Affected Versions: JAKCMS versions prior to 2.2.6 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the userpost parameter in a PM request, related to tinymce. Recommendations: For versions prior to...
JAKCMS PRO <= 2.2.5 remote arbitrary file upload vulnerability and fix-vulnerability warning-the black bar safety net
Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Author: EgiX Download address: http://www.jakcms.com/ Impact version n: 2.2.5 Test platform: Windows 7 and Debian 6.0.2 ? php / -------------------------------------------------------- JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload...
JAKCMS PRO 2.2.5 - Arbitrary File Upload
JAKCMS PRO 2.2.5 - Arbitrary File Upload Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php /...
JAKCMS PRO 2.2.5 Arbitrary File Upload
Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php / -------------------------------------------------------- JAKCMS P...
JAKCMS PRO 2.2.5 - Arbitrary File Upload
Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php / -------------------------------------------------------- JAKCMS P...
JAKCMS PRO <= 2.2.5 Remote Arbitrary File Upload Exploit
Exploit for php platform in category web applications Exploit Title: JAKCMS PRO = 2.2.5 Remote Arbitrary File Upload Exploit Google Dork: "Powered By JAKCMS" Date: 21/09/2011 Author: EgiX Software Link: http://www.jakcms.com/ Version: 2.2.5 Tested on: Windows 7 and Debian 6.0.2 ?php /...
JAKCMS <= v2.01 RC1 Blind SQL Injection Exploit
Exploit for php platform in category web applications !/usr/bin/python jakCMS = v2.01 RC1 Blind SQL Injection Exploit Understanding: The parameters 'JAKCOOKIENAME' and 'JAKCOOKIEPASS' are parsed via cookies to the application and are unchecked for malicious characters. The contents of these...