27 matches found
EUVD-2008-4145
Malware in sbrugna...
EUVD-2008-4163
Malware in sbrugna...
EUVD-2008-4162
Malware in sbrugna...
NooMS CMS 1.1.1 - CSRF
No description provided by source. NooMS CMS version 1.1.1 CSRF Bug Found: April 9th 2011 Found by: loneferret as far as I know anyway Software Download Link: http://phpkode.com/download/p/2381nooms1.1.1.tar.bz2 Nods to exploit-db Team Well, I didn't have much to do this morning so figured I'd tr...
NooMS 1.1 - smileys.php page_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browse...
NooMS 1.1 - search.php q Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browse...
NooMS CMS version 1.1.1 CSRF
Exploit for php platform in category web applications NooMS CMS version 1.1.1 CSRF Bug Found: April 9th 2011 Found by: loneferret as far as I know anyway Software Download Link: http://phpkode.com/download/p/2381nooms1.1.1.tar.bz2 Nods to exploit-db Team Well, I didn't have much to do this mornin...
NooMS CMS 1.1.1 Cross Site Request Forgery
NooMS CMS version 1.1.1 CSRF Bug Found: April 9th 2011 Found by: loneferret as far as I know anyway Software Download Link: http://phpkode.com/download/p/2381nooms1.1.1.tar.bz2 Nods to exploit-db Team Well, I didn't have much to do this morning so figured I'd try to see how fast it would take me ...
Nooms CMS 1.1.1 - Cross-Site Request Forgery
Nooms CMS 1.1.1 - Cross-Site Request Forgery NooMS CMS version 1.1.1 CSRF Bug Found: April 9th 2011 Found by: loneferret as far as I know anyway Software Download Link: http://phpkode.com/download/p/2381nooms1.1.1.tar.bz2 Nods to exploit-db Team Well, I didn't have much to do this morning so...
Nooms CMS 1.1.1 - Cross-Site Request Forgery
NooMS CMS version 1.1.1 CSRF Bug Found: April 9th 2011 Found by: loneferret as far as I know anyway Software Download Link: http://phpkode.com/download/p/2381nooms1.1.1.tar.bz2 Nods to exploit-db Team Well, I didn't have much to do this morning so figured I'd try to see how fast it would take me ...
CVE-2008-4180
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the gdbuser parameter and a password in the gdbpwd parameter, and possibly a "localhost" gdbhost parameter value, related to a "Mysql Remote Brute Force...
CVE-2008-4179
Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...
Remote file inclusion
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the gdbuser parameter and a password in the gdbpwd parameter, and possibly a "localhost" gdbhost parameter value, related to a "Mysql Remote Brute Force...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...
CVE-2008-4180
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the gdbuser parameter and a password in the gdbpwd parameter, and possibly a "localhost" gdbhost parameter value, related to a "Mysql Remote Brute Force...
CVE-2008-4180
The CVE-2008-4180 entry concerns NooMS 1.1, where a vulnerability in db.php could allow remote brute-force attempts against database passwords using g_dbuser and g_dbpwd parameters, and possibly a localhost value for g_dbhost. The connected sources corroborate an unspecified vulnerability enablin...
CVE-2008-4179
NooMS 1.1 is affected by CVE-2008-4179 through two reflected XSS vectors: in smileys.php via the page_id parameter and in search.php via the q parameter. The connected records confirm the vulnerability class (XSS) and the affected components, but do not provide explicit patch versions, remediatio...
CVE-2008-4179
Multiple cross-site scripting XSS vulnerabilities in NooMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 pageid parameter to smileys.php and the 2 q parameter to search.php...
CVE-2008-4162
Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the gsiteurl parameter...
Open redirect
Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the gsiteurl parameter...