Lucene search
K

72 matches found

exploitpack
exploitpack
added 2010/09/28 12:0 a.m.23 views

Micro CMS 1.0 b1 - Persistent Cross-Site Scripting

Micro CMS 1.0 b1 - Persistent Cross-Site Scripting Title : Micro CMS Persistent Cross-Site Scripting Vulnerability. Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.micro-cms.com/ Advisory : http://secpod.org/blog/?p=135...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/28 12:0 a.m.33 views

Micro CMS 1.0 - 'name' HTML Injection (1)

source: https://www.securityfocus.com/bid/43556/info Micro CMS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/28 12:0 a.m.38 views

Micro CMS 1.0 b1 - Persistent Cross-Site Scripting

Title : Micro CMS Persistent Cross-Site Scripting Vulnerability. Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.micro-cms.com/ Advisory : http://secpod.org/blog/?p=135 http://secpod.org/advisories/SECPODMicroCMS.txt Version : Micro CMS 1.0 beta 1 Date :...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/09/16 12:0 a.m.32 views

Micro CMS 3.5 - SQL Injection Local File Inclusion

Micro CMS 3.5 - SQL Injection Local File Inclusion Micro CMS File inclusion Vuln Micro CMS SQLi login bypass By learn3r hacker from Nepal [email protected] Affected version: v 3.5 or may be lower... File Inclusion Vuln Requires register globals to be on... Vuln file: microcms-inlude.php...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/16 12:0 a.m.40 views

Micro CMS 3.5 - SQL Injection / Local File Inclusion

Micro CMS File inclusion Vuln Micro CMS SQLi login bypass By learn3r hacker from Nepal [email protected] Affected version: v 3.5 or may be lower... File Inclusion Vuln Requires register globals to be on... Vuln file: microcms-inlude.php...

7.4AI score
Exploits0
NVD
NVD
added 2009/04/06 6:30 p.m.16 views

CVE-2008-6614

Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design IBD Micro CMS 3.5 aka 0.3.5 allow remote attackers to execute arbitrary SQL commands via 1 the administratorsusername parameter aka the Username field or 2 the administratorspass parameter aka the Password fie...

7.5CVSS8.5AI score0.01416EPSS
Exploits1References8
CVE
CVE
added 2009/04/06 6:0 p.m.44 views

CVE-2008-6614

CVE-2008-6614 affects Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5). The vulnerability arises in microcms-admin-login.php where remote attackers can inject SQL through (1) administrators_username or (2) administrators_pass, enabling arbitrary SQL execution. The reports consistently describe m...

7.5CVSS8.8AI score0.01416EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2009/04/06 6:0 p.m.22 views

CVE-2008-6614

Multiple SQL injection vulnerabilities in microcms-admin-login.php in Implied By Design IBD Micro CMS 3.5 aka 0.3.5 allow remote attackers to execute arbitrary SQL commands via 1 the administratorsusername parameter aka the Username field or 2 the administratorspass parameter aka the Password fie...

8.5AI score0.01416EPSS
Exploits1References8
Prion
Prion
added 2009/03/30 4:30 p.m.11 views

Authentication flaw

microcms-admin-home.php in Implied by Design Micro CMS Micro-CMS 3.5 aka 0.3.5 does not require authentication as an administrator, which allows remote attackers to 1 create administrative accounts via an addadmin action, 2 remove administrative accounts via a deleteadmin action, and 3 modify...

7.5CVSS7.4AI score0.0247EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/03/30 4:0 p.m.46 views

CVE-2008-6553

CVE-2008-6553 affects Implied by Design Micro CMS (Micro-CMS) version 3.5 (aka 0.3.5). The vulnerability arises because microcms-admin-home.php does not require administrator authentication, enabling remote attackers to perform administrative actions: add_admin (create admins), delete_admin (remo...

7.5CVSS7.1AI score0.0247EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/03/30 4:0 p.m.19 views

CVE-2008-6553

microcms-admin-home.php in Implied by Design Micro CMS Micro-CMS 3.5 aka 0.3.5 does not require authentication as an administrator, which allows remote attackers to 1 create administrative accounts via an addadmin action, 2 remove administrative accounts via a deleteadmin action, and 3 modify...

6.9AI score0.0247EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/11/03 12:0 a.m.27 views

Micro CMS <= 0.3.5 Remote (Add/Delete/Password Change) Exploit

No description provided by source. !/usr/bin/perl -------------------------------------------------------------- Micro CMS = 0.3.5 Remote Add/Delete/Password Change Exploit StAkeRathotmaildotit http://www.impliedbydesign.com/apps/microcms/microcms.zip...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/11/01 12:0 a.m.21 views

Micro CMS <= 0.3.5 Remote (Add/Delete/Password Change) Exploit

Exploit for unknown platform in category web applications ============================================================== Micro CMS ; ifdefined $admin print STDOUT deladmin$admin; exit; else print STDOUT "+ Not Defined!\n"; exit; if$tell = /change/i print STDOUT "+ Admin ID : "; chomp$admin = ;...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/01 12:0 a.m.20 views

Micro CMS 0.3.5 - Remote AddDeletePassword Change

Micro CMS 0.3.5 - Remote AddDeletePassword Change !/usr/bin/perl -------------------------------------------------------------- Micro CMS ; ifdefined $admin print STDOUT deladmin$admin; exit; else print STDOUT "+ Not Defined!\n"; exit; if$tell = /change/i print STDOUT "+ Admin ID : "; chomp$admin...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2008/11/01 12:0 a.m.42 views

Micro CMS 0.3.5 - Remote Add/Delete/Password Change

!/usr/bin/perl -------------------------------------------------------------- Micro CMS ; ifdefined $admin print STDOUT deladmin$admin; exit; else print STDOUT "+ Not Defined!\n"; exit; if$tell = /change/i print STDOUT "+ Admin ID : "; chomp$admin = ; print STDOUT "+ New Password: "; chomp$passwd...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/12 12:0 a.m.35 views

ibdmicro-sql.txt

01010111 01001001 01010010 01000101 01000100 01010011 - 01000101 01000011 01010101 01010010 01001001 01010100 - 01011001 ADVISORY: IBD MICRO CMS 3.5 SQL INJECTION LOGIN BYPASS || 0x00: ABOUT ME || 0x01: DATELINE || 0x02: INFORMATION || 0x03: EXPLOITATION || 0x04: RISK LEVEL || 0x00: ABOUT ME...

7.4AI score
Exploits0
NVD
NVD
added 2007/08/31 12:17 a.m.20 views

CVE-2007-4602

SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS Micro-CMS 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...

6.8CVSS8.4AI score0.0095EPSS
Exploits0References4
Prion
Prion
added 2007/08/31 12:17 a.m.14 views

Sql injection

SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS Micro-CMS 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...

6.8CVSS9.1AI score0.0095EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/08/31 12:0 a.m.41 views

CVE-2007-4602

The CVE-2007-4602 entry concerns Implied by Design Micro CMS (Micro-CMS) 3.5. The vulnerability is a SQL injection in cms/revert-content.php exploitable via the id parameter, allowing remote attackers to potentially execute arbitrary SQL commands. Root cause identified as improper handling of inp...

6.8CVSS8.4AI score0.0095EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/08/31 12:0 a.m.17 views

CVE-2007-4602

SQL injection vulnerability in cms/revert-content.php in Implied by Design Micro CMS Micro-CMS 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.0095EPSS
Exploits0References4
Rows per page
Query Builder