53 matches found
EUVD-2009-1759
Malware in sbrugna...
EUVD-2009-3407
Malware in sbrugna...
EUVD-2009-3408
Malware in sbrugna...
EUVD-2009-1813
Malware in sbrugna...
EUVD-2009-3406
Malware in sbrugna...
SQL Injection Vulnerability in Maxcms ad***_ne***.asp File
Maxcms is an open source program that serves to build movie websites. A SQL injection vulnerability exists in the Maxcms adne.asp file, which can be exploited by attackers to obtain sensitive information...
Code Execution Vulnerability in MaxCMS Version 4.0
Movie System Max Program MaxCMS is an open source program that specializes in serving the construction of movie websites. MaxCMS 4.0 version of the existence of code execution vulnerabilities, the vulnerability stems from the website configuration parameters are modified without filtering the...
SQL Injection Vulnerability in MaxCMS Version 4.0
Movie System Max Program MaxCMS is an open source program that specializes in serving the construction of movie websites. MaxCMS version 4.0 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Maxcms /inc/ajax.asp id参数SQL注入漏洞
No description provided by source...
maxcms movie CMS injection-vulnerability warning-the black bar safety net
Vulnerability file/inc/ajax. asp 33-40 line Sub getscoreac dim id,ary,ret : id=getForm"id","get" if isNulid then die "err" if ac="newsscore" then ary=conn. db"SELECT mdigg,mtread,mscore FROM prenews WHERE mid correspondence between="&id,"array" else ary=conn. db"SELECT mdigg,mtread,mscore FROM...
马克斯CMS(Maxcms) admin_inc.asp SQL注入漏洞
在文件admin/ admininc.asp中: Sub checkPower //第103行 dim loginValidate,rsObj : loginValidate = "maxcms2.0" err.clear on error resume next set rsObj=conn.db"select mrandom,mlevel from premanager where musername='"&rCookie"musername"&"'","execute" rCookie函数在文件inc/ CommonFun.asp中 Function rCookiecookieNa...
CVE-2009-3425
Directory traversal vulnerability in includes/inc.thcmsadmindirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMSroot parameter...
CVE-2009-3426
PHP remote file inclusion vulnerability in includes/filemanager/special.php in MaxCMS 3.11.20b allows remote attackers to execute arbitrary PHP code via a URL in the fmincludesspecial parameter...
CVE-2009-3424
Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 isprojectPath parameter to includes/InstantSite/inc.isroot.php; GLOBALSthCMSroot parameter to 2 classes/class.Tree.php, 3...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/filemanager/special.php in MaxCMS 3.11.20b allows remote attackers to execute arbitrary PHP code via a URL in the fmincludesspecial parameter...
Directory traversal
Directory traversal vulnerability in includes/inc.thcmsadmindirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMSroot parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in MaxCMS 3.11.20b, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 isprojectPath parameter to includes/InstantSite/inc.isroot.php; GLOBALSthCMSroot parameter to 2 classes/class.Tree.php, 3...
CVE-2009-3425
CVE-2009-3425 affects MaxCMS 3.11.20b. A directory traversal flaw in the admin component, specifically includes/inc.thcms_admin_dirtree.php, allows remote attackers to read arbitrary files via traversal sequences in the thCMS_root parameter. Public references (NVD, CVE records) confirm the vulner...
CVE-2009-3426
CVE-2009-3426 concerns a PHP remote file inclusion in MaxCMS 3.11.20b. The flaw is in includes/file_manager/special.php, where the fm_includes_special parameter can be controlled to include a remote PHP file, enabling arbitrary code execution on the server. Documented affected component: MaxCMS 3...
CVE-2009-3425
Directory traversal vulnerability in includes/inc.thcmsadmindirtree.php in MaxCMS 3.11.20b allows remote attackers to read arbitrary files via directory traversal sequences in the thCMSroot parameter...