EUVD-2008-6582

Malware in sbrugna...

EUVD-2009-4657

Malware in sbrugna...

miniCWB 2.1.1 - 'connector.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29368/info miniCWB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser...

miniCWB <= 1.0.0 (contact.php) Local File Include Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

CVE-2009-4693

Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to 1 en.inc.php, 2 hu.inc.php, 3 no.inc.php, 4 ro.inc.php, and 5 ru.inc.php in language/...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to 1 en.inc.php, 2 hu.inc.php, 3 no.inc.php, 4 ro.inc.php, and 5 ru.inc.php in language/...

CVE-2009-4693

Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote attackers to execute arbitrary PHP code via a URL in the LANG parameter to 1 en.inc.php, 2 hu.inc.php, 3 no.inc.php, 4 ro.inc.php, and 5 ru.inc.php in language/...

CVE-2009-4693

GraFX MiniCWB 2.3.0 is affected by multiple PHP remote file inclusion vulnerabilities that allow remote code execution via a URL in the LANG parameter targeting language/en.inc.php, language/hu.inc.php, language/no.inc.php, language/ro.inc.php, and language/ru.inc.php. The root cause is unsafe in...

MiniCWB 2.3.0 - lang Remote File Inclusion

MiniCWB 2.3.0 - lang Remote File Inclusion ================================================================================================ o MiniCWB 2.3.0 Multiple Remote File Inclusion Vulnerability Software : MiniCWB version 2.3.0 Vendor : http://www.grafxsoftware.com/ Download :...

MiniCWB 2.3.0 Remote File Inclusion

================================================================================================ o MiniCWB 2.3.0 Multiple Remote File Inclusion Vulnerability Software : MiniCWB version 2.3.0 Vendor : http://www.grafxsoftware.com/ Download :...

MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities

No description provided by source. ================================================================================================ o MiniCWB 2.3.0 Multiple Remote File Inclusion Vulnerability Software : MiniCWB version 2.3.0 Vendor : http://www.grafxsoftware.com/ Download :...

MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== MiniCWB 2.3.0 LANG Remote File Inclusion Vulnerabilities ==========================================================...

MiniCWB 2.3.0 - &#039;lang&#039; Remote File Inclusion

================================================================================================ o MiniCWB 2.3.0 Multiple Remote File Inclusion Vulnerability Software : MiniCWB version 2.3.0 Vendor : http://www.grafxsoftware.com/ Download :...

CVE-2008-6620

Multiple cross-site scripting XSS vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errcontext, 2 GET, 3 POST, 4 SESSION, 5 SERVER, and 6...

CVE-2008-6620

GraFX miniCWB 2.1.1 and earlier are affected by CVE-2008-6620: multiple XSS vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php. The issue allows remote attackers to inject arbitrary web script or HTML through (1) errcontext, (2) _GET, (3) _POST, (4)...

CVE-2008-6620

Multiple cross-site scripting XSS vulnerabilities in javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php in GraFX miniCWB 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errcontext, 2 GET, 3 POST, 4 SESSION, 5 SERVER, and 6...

miniCWB connector.php多个跨站脚本漏洞

BUGTRAQ ID: 29368 miniCWB是一款小型的开源内容管理系统。 Mini CWB没有正确过滤对/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php所传送的URL便返回给了用户，这允许远程攻击者通过跨站脚本攻击在用户浏览器会话中执行任意代码。 GraFX miniCWB = 2.1.1 GraFX ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.mini-open-cms.com/...

miniCWB 2.1.1 - connector.php Multiple Cross-Site Scripting Vulnerabilities

miniCWB 2.1.1 - connector.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29368/info miniCWB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

miniCWB 2.1.1 - &#039;connector.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29368/info miniCWB is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

miniCWB &lt;= 1.0.0 (contact.php) Local File Include Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...