EUVD-2006-5061

Malware in sbrugna...

EUVD-2007-2094

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2007-2097

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includespath parameter to 1 click.php or 2 pollcollector.php in htdocs/; or 3 index.php, 4 articlepages.php, 5 articles.php, 6 articleform.php...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includespath parameter to 1 click.php or 2 pollcollector.php in htdocs/; or 3 index.php, 4 articlepages.php, 5 articles.php, 6 articleform.php...

CVE-2007-2099

Cross-site scripting XSS vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2007-2099

Cross-site scripting XSS vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2007-2097

OpenConcept Back-End CMS 0.4.7 is affected by CVE-2007-2097, a set of PHP remote file inclusion vulnerabilities. The flaw allows an attacker to execute arbitrary PHP code by providing a URL in the includes_path parameter to multiple PHP files in htdocs/site-admin/ (and related files in htdocs/). ...

CVE-2007-2099

CVE-2007-2099 affects OpenConcept Back-End CMS 0.4.7. The vulnerability is a cross-site scripting (XSS) in htdocs/php.php via the page[] parameter, allowing remote attackers to inject arbitrary script/HTML. The CVSSv2 vector (AV:N/AC:M/Au:N/C:P/I:P/A:P) yields a base score of 6.8 (MEDIUM) with ne...

CVE-2007-2097

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includespath parameter to 1 click.php or 2 pollcollector.php in htdocs/; or 3 index.php, 4 articlepages.php, 5 articles.php, 6 articleform.php...

PT-2007-3439 · Openconcept · Openconcept Back-End Cms

Name of the Vulnerable Software and Affected Versions: OpenConcept Back-End CMS version 0.4.7 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the includes path parameter to various PHP files, including "click.php" and "pollcollector.php" in the htdocs...

CVE-2006-5076

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includespath parameter in 1 admin/index.php, 2 Facts.php, or 3 search.php...

PT-2006-5814 · Openconcept · Openconcept Back-End Cms

Name of the Vulnerable Software and Affected Versions: OpenConcept Back-End version 0.4.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the includes path parameter in several PHP files, including "admin/index.php", "Facts.php", and "search.php"...

CVE-2006-5076

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includespath parameter in 1 admin/index.php, 2 Facts.php, or 3 search.php...

CVE-2006-5076

CVE-2006-5076 relates to OpenConcept Back-End 0.4.5/0.4.5-era builds with multiple PHP remote file inclusion vulnerabilities. The flaw is triggered via the includes_path parameter in several PHP entry points (e.g., admin/index.php, Facts.php, search.php), allowing remote code execution. Related r...