27 matches found
Lokomedia CMS - Local File Inclusion
A Local File Inclusion LFI vulnerability exists in Lokomedia CMS. The application allows an attacker to include files on the server that should not be accessible, potentially exposing sensitive information. id: CVE-2010-2018 info: name: Lokomedia CMS - Local File Inclusion author: r3Y3r53 severit...
EUVD-2010-2039
Malware in sbrugna...
EUVD-2010-2038
Malware in sbrugna...
EUVD-2010-2037
Malware in sbrugna...
CVE-2010-2017
Cross-site scripting XSS vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2019
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Lokomedia CMS Arbitrary File Upload Vulnerability
Lokomedia CMS is a php based content management system. Lokomedia CMS suffers from an arbitrary file upload vulnerability that can be exploited by an attacker to upload arbitrary files and gain control of the server...
Lokomedia CMS Remote SQL Injection Vulnerability
Lokomedia CMS is a content management system. Lokomedia CMS suffers from a remote SQL injection vulnerability. An attacker could use this vulnerability to take control of the application, access or modify data, or exploit potential vulnerabilities in the underlying database...
Lokomedia CMS (sukaCMS) Local File Disclosure Vulnerability
No description provided by source. Software Link: http://bukulokomedia.com Version: 2.0 Tested on: all OS + Title : Local File Disclosure Vulnerability Lokomedia CMS sukaCMS + Vendor : http://bukulokomedia.com + Discovered : vir0e5 a.k.a banditc0de + Contact : vir0e5athackermaildotcom + Site :...
CMS Lokomedia Local File Download
!===========================================================================! CMS Lokomedia Local File Download Vulnerability Author : Xr0b0t [email protected] Homepage : http://www.indonesiancoder.com | http://xrobot.mobi | http://mc-crew.net Date : 16 Mei, 2010...
CVE-2010-2018
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2010-2017
Cross-site scripting XSS vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information...
CVE-2010-2019
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information...
Sql injection
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Directory traversal
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2010-2018
Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2010-2019
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2010-2018
Summary of CVE-2010-2018 : A Local File Inclusion (LFI) vulnerability exists in Lokomedia CMS, affecting 1.4.1 and 2.0, allowing a remote attacker to read arbitrary server files by manipulating the file parameter (path traversal using ..). The issue is documented as a directory traversal flaw in ...
CVE-2010-2017
CVE-2010-2017 is a cross-site scripting (XSS) vulnerability in Lokomedia CMS (versions 1.4.1 and 2.0) affecting the hasil-pencarian.html page. The issue is exploitable via the kata parameter, allowing remote attackers to inject arbitrary script/HTML. Multiple trusted sources (NVD, Red Hat, CVE li...