Lucene search
K

53 matches found

NVD
NVD
added 2007/02/27 2:28 a.m.15 views

CVE-2007-1132

Multiple cross-site scripting XSS vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 message and 2 title fields...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/02/27 2:0 a.m.21 views

CVE-2007-1129

Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via 1 an avatar upload in an adddown action, or 2 an addlink action...

7.2AI score0.01359EPSS
Exploits0References4
CVE
CVE
added 2007/02/27 2:0 a.m.46 views

CVE-2007-1129

CVE-2007-1129 affects MTCMS 3.2, with multiple unrestricted file upload vulnerabilities that allow remote attackers to upload and execute files via (1) avatar upload in an add_down action or (2) an add_link action. The root cause/precise vulnerable component is not detailed beyond the two upload ...

7.5CVSS7.2AI score0.01359EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2007/02/27 2:0 a.m.51 views

CVE-2007-1132

CVE-2007-1132 pertains to multiple XSS vulnerabilities in the MTCMS 2.2 "Contact Us" feature, affecting the (1) message and (2) title fields. The root cause is not explicitly detailed in the provided documents beyond the XSS existence; no payloads, environment constraints, or affected subversions...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/02/27 2:0 a.m.18 views

CVE-2007-1132

Multiple cross-site scripting XSS vulnerabilities in the "Contact Us" functionality in MTCMS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 message and 2 title fields...

5.8AI score0.01033EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/02/27 12:0 a.m.83 views

MTCMS multiple upload vulnerabilities

avatar upload vulnerability: upload any kind of file in: site.com/MTCMS-V2.2/?a=gallery&b=adddown and approuved or not it will be here : /uploads/pictures/ same thing for : add link /index.php?a=links&b=addlink xss permanent on Contact Us : message & title fields are vulnerable to an xss attack...

1.9AI score
Exploits0
NVD
NVD
added 2006/12/28 12:28 a.m.19 views

CVE-2006-6796

PHP remote file inclusion vulnerability in admin/adminsettings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the insfile parameter...

6.8CVSS7.6AI score0.0201EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/12/28 12:0 a.m.22 views

CVE-2006-6796

PHP remote file inclusion vulnerability in admin/adminsettings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the insfile parameter...

7.6AI score0.0201EPSS
Exploits1References4
CVE
CVE
added 2006/12/28 12:0 a.m.37 views

CVE-2006-6796

CVE-2006-6796 is a PHP remote file inclusion vulnerability in MTCMS 2.0 and earlier. The flaw exists in admin/admin_settings.php where an attacker can supply a URL in the ins_file parameter to trigger inclusion of arbitrary PHP code, potentially leading to remote code execution. Affected product/...

6.8CVSS7.9AI score0.0201EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2006/12/26 12:0 a.m.14 views

MTCMS <= 2.0 (admin/admin_settings.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl +------------------------------------------------------------------------------------------- + MTCMS = 2.0 admin/adminsettings.php Remote File Include Exploit...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/12/25 12:0 a.m.36 views

MTCMS <= 2.0 (admin/admin_settings.php) Remote File Include Exploit

Exploit for unknown platform in category web applications =================================================================== MTCMS \n"; print "-h, --host\ttarget host\texample.com\n"; print "-f, --file\tremote file\thttp://evilsite.com/shell.php\n"; print "-d, --dir\tinstall dir\t/mtcms\n"; exit...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/12/25 12:0 a.m.13 views

MTCMS 2.0 - adminadmin_settings.php Remote File Inclusion

MTCMS 2.0 - adminadminsettings.php Remote File Inclusion !/usr/bin/perl +------------------------------------------------------------------------------------------- + MTCMS + Requirements.......: registerglobals = on...

Exploits0
Exploit DB
Exploit DB
added 2006/12/25 12:0 a.m.41 views

MTCMS 2.0 - &#039;/admin/admin_settings.php&#039; Remote File Inclusion

!/usr/bin/perl +------------------------------------------------------------------------------------------- + MTCMS + Requirements.......: registerglobals = on +------------------------------------------------------------------------------------------- use Getopt::Long; use URI::Escape; use...

7.4AI score
Exploits0
Rows per page
Query Builder