30 matches found
EUVD-2006-4251
Malware in sbrugna...
EUVD-2007-2039
Malware in sbrugna...
EUVD-2008-1088
Malware in sbrugna...
mambo/joomla component article 1.1 - Remote File Inclusion Vulnerability
No description provided by source. ======================================================= Mambo/Joomla Component New Article Component = 1.1 absolutepath Multiple RFI ======================================================= Found By : Cold z3ro , [email protected]...
Joomla Artlinks Component <= 1.0b4 Remote Include Vulnerability
No description provided by source. .: insecurity research team :. ....:...:. . .:. | |/ :/ // :/ .:. : | | | \\ /\ / :. . ..: ||| / \ \ .: .:.. .. ./ .:/:. ./. .:/: . ...:. .advisory. .:... :..................: 18.o8.2oo6 .. Affected Application: Artlinks v1.0 Beta 4 Mambo/Joomla CMS...
Mambo/Joomla 'com_buslicense' Component - 'aid' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27508/info The 'combuslicense' component for Mambo/Joomla is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...
CVE-2010-4944
SQL injection vulnerability in the Elite Experts comeliteexperts component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php...
Mambo / Joomla Component com_gr SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================== Mambo / Joomla Component comgr SQL Injection Vulnerability =========================================================== Author : aLBayraqim Homepage : http://www.1923turk.com ..!...
CVE-2008-1848
Cross-site scripting XSS vulnerability in the joomlaXplorer comjoomlaxplorer Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a showerror action to index.php...
CVE-2008-1848
Cross-site scripting XSS vulnerability in the joomlaXplorer comjoomlaxplorer Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a showerror action to index.php...
Joomla! Mambo Component com_buslicense - aid SQL Injection
Joomla! Mambo Component combuslicense - aid SQL Injection source: https://www.securityfocus.com/bid/27508/info The 'combuslicense' component for Mambo/Joomla is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Mambo/Joomla Component rsgallery <= 2.0 beta 5 (catid) Remote SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV86$2007 ----------------------------------------------------------------------------------------- ECHOADV86$2007 Mambo/Joomla Component rsgallery = 2.0 beta 5 catid Remote...
Joomla! Mambo Component rsgallery 2.0b5 - catid SQL Injection
Joomla! Mambo Component rsgallery 2.0b5 - catid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV86$2007 ----------------------------------------------------------------------------------------- ECHOADV86$2007 Mambo/Joomla Component rsgallery =...
Mambo/Joomla Component rsgallery <= 2.0b5 (catid) SQL Injection Vuln
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV86$2007 ----------------------------------------------------------------------------------------- ECHOADV86$2007 Mambo/Joomla Component rsgallery = 2.0 beta 5 catid Remote...
Mambo/Joomla Module Weather (absolute_path) Remote File include Vuln
============================================================ Mambo/Joomla Module Weather absolutepath Remote File include Vuln ============================================================ Found By : Cold z3ro , [email protected] ============================================================...
Mambo/Joomla New Article Absolute_Path远程文件包含漏洞
Mambo/Joomla New Article是一款基于PHP的WEB应用程序。 Mambo/Joomla New Article不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是脚本对用户提交的'Absolutepath'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 Mambo New Article Component 1.1 目前没有解决方案提供: http://mamboserver.com/...
joomlanew-rfi.txt
======================================================= Mambo/Joomla Component New Article Component = 1.1 absolutepath Multiple RFI ======================================================= Found By : Cold z3ro , [email protected] ======================================================= Homepag...
CVE-2007-2043
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia commosmedia 1.08 and earlier module for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 media.tab.php or 2 media.divs.php...
Mambo/Joomla Component Article 1.1 Remote File Inclusion Vulnerability
No description provided by source. ======================================================= Mambo/Joomla Component New Article Component = 1.1 absolutepath Multiple RFI ======================================================= Found By : Cold z3ro , [email protected]...
Mambo/Joomla plugin.class.php脚本远程文件包含漏洞
Mambo(也被称为Joomla)是一款开放源代码的WEB内容管理系统。 Mambo在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 在Mambo的comcomprofiler文件夹的plugin.class.php脚本中: -----------------------plugin.class.php---------------------- ?php / Plugin handler @package Joomla @author various, JoomlaJoe and Beat / requireonce...