5 matches found
CVE-2008-2686
CVE-2008-2686 affects Flux CMS up to version 1.5.0 and earlier. The flaw allows remote code execution by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, followed by a direct request for the crafted filename. The NVD entry do...
Flux CMS 'loadsave.php'任意文件覆盖漏洞
BUGTRAQ ID: 29618 CNCAN ID:CNCAN-2008061003 Flux CMS是一款内容管理程序。 Flux CMS 'loadsave.php'不正确验证用户输入,远程攻击者可以利用漏洞以WEB进程权限覆盖任意文件。 提交特殊构建的POST数据给'loadsave.php'脚本,可导致EB进程权限覆盖任意文件。 Flux CMS 1.5 目前没有解决方案提供: http://wiki.flux-cms.org/display/FLX/Home;jsessionid=D59E863574281A9BB6C951E073B3805C...
Flux CMS <= 1.5.0 (loadsave.php) Remote Arbitrary File Overwrite Exploit
Exploit for unknown platform in category web applications ======================================================================== Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ======================================================================== ?php /...
Flux CMS 1.5.0 - loadsave.php Arbitrary File Overwrite
Flux CMS 1.5.0 - loadsave.php Arbitrary File Overwrite ?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX...
Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite
?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...