20 matches found
EUVD-2007-3302
Malware in sbrugna...
EUVD-2007-3303
Malware in sbrugna...
EUVD-2007-3925
Malware in sbrugna...
Jasmine CMS 1.0 - SQL Injection/Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; inisetmaxexecutiontime,0; inisetdefaultsockettimeout,5; if $argc4 print -------------------------------------------------------------------------\r\n; print Jasmine CMS 1.0 SQL Injection/Remote Code...
Cross site scripting
Cross-site scripting XSS vulnerability in profile.php in Jasmine CMS 1.01 allows remote authenticated users to inject arbitrary web script or HTML via the profileemail parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3941
Cross-site scripting XSS vulnerability in profile.php in Jasmine CMS 1.01 allows remote authenticated users to inject arbitrary web script or HTML via the profileemail parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-3941
CVE-2007-3941 reports a cross-site scripting (XSS) vulnerability in Jasmine CMS 1.0_1, specifically in profile.php via the profile_email parameter. The issue allows remote authenticated users to inject arbitrary web script or HTML. The description does not specify affected versions beyond 1.0_1, ...
Directory traversal
Directory traversal vulnerability in admin/pluginmanager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. dot dot in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote...
CVE-2007-3312
Directory traversal vulnerability in admin/pluginmanager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. dot dot in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote...
CVE-2007-3313
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the loginusername parameter to login.php or 2 the item parameter to news.php...
Sql injection
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the loginusername parameter to login.php or 2 the item parameter to news.php...
CVE-2007-3313
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via 1 the loginusername parameter to login.php or 2 the item parameter to news.php...
CVE-2007-3313
CVE-2007-3313 involves two SQL injection vulnerabilities in Jasmine CMS 1.0 that allow remote attackers to execute arbitrary SQL commands via (1) login.php’s login_username and (2) news.php’s item parameter. The associated CVSS v2 base score is 7.5 (HIGH) with vector AV:N/AC:L/Au:N/C:P/I:P/A:P, i...
CVE-2007-3312
Directory traversal vulnerability in admin/pluginmanager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. dot dot in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote...
CVE-2007-3312
The CVE-2007-3312 entry describes a directory traversal vulnerability in Jasmine CMS 1.0 affecting the file admin/plugin_manager.php . The issue allows (for vulnerable configurations) remote authenticated administrators to include and execute arbitrary local files via the parameter u (dot-dot tra...
jasmine-exec.txt
!/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit\r\n"; print...
Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit
Exploit for unknown platform in category web applications =========================================================== Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit =========================================================== !/usr/bin/php -q -d shortopentag=on ?php errorreporting0;...
Jasmine CMS 1.0 - SQL Injection Remote Code Execution
Jasmine CMS 1.0 - SQL Injection Remote Code Execution !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " Jasmine CMS 1.0 SQL...
Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " Jasmine CMS 1.0 SQL Injection/Remote Co...
Jasmine CMS 1.0 - SQL Injection / Remote Code Execution
!/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " Jasmine CMS 1.0 SQL Injection/Remote Code Execution Exploit\r\n"; print...