34 matches found
EUVD-2008-7138
Malware in sbrugna...
EUVD-2008-5042
Malware in sbrugna...
EUVD-2008-5179
Malware in sbrugna...
EUVD-2008-5178
Malware in sbrugna...
otmanager cms 24a (lfi/xss) Multiple Vulnerabilities
No description provided by source. =========================================================== OTManager CMS LFI/XSS Multiple Remote Vulnerabilities =========================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground...
CVE-2008-7179
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMINHora, ADMINLogado, and ADMINNome cookies to certain values, as reachable in Admin/index.php...
CVE-2008-7179
OTManager CMS 2.4 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMINHora, ADMINLogado, and ADMINNome cookies to certain values, as reachable in Admin/index.php...
CVE-2008-7179
The CVE-2008-7179 entry describes an authentication bypass in OTManager CMS 2.4. An attacker can gain administrator privileges by manipulating the cookies ADMIN_Hora, ADMIN_Logado, and ADMIN_Nome to values that are valid in Admin/index.php. The vulnerability allows remote access without authentic...
CVE-2008-5201
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. dot dot in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp,...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter...
Directory traversal
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. dot dot in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp,...
CVE-2008-5202
Cross-site scripting XSS vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter...
CVE-2008-5201
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. dot dot in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp,...
CVE-2008-5201
CVE-2008-5201 concerns OTManager CMS 24a, where a directory traversal flaw in index.php allows an attacker to include and execute arbitrary local files via the conteudo parameter. The root cause is improper handling of the .. path segment, enabling traversal to critical files; in some environment...
CVE-2008-5202
CVE-2008-5202 describes an XSS vulnerability in OTManager CMS 24a, where the parameter conteudo in index.php is not properly sanitized. This allows remote attackers to inject arbitrary web script or HTML, potentially compromising the victim’s browser session. Affected product: OTManager CMS 24a (...
CVE-2008-5063
PHP remote file inclusion vulnerability in Admin/ADMPagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in Admin/ADMPagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter...
CVE-2008-5063
PHP remote file inclusion vulnerability in Admin/ADMPagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter...
CVE-2008-5063
OTManager 2.4 is affected by a PHP remote file inclusion in Admin/ADM_Pagina.php. The vulnerability allows remote code execution by supplying a URL in the Tipo parameter, per CVE-2008-5063. The NVD entry shows a high-severity, network-exposed flaw; exploitation details and available fixes are not...
OTManager CMS 2.4 (Tipo) Remote File Inclusion Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= OTManager 2.4 Remote File Inclusion RFI Vulnerability - Security flaw discovered by Colt7r - CONTACT: colt7r |@| bsdmail.org - Affected Software: OTManager 2.4 - Risk: HIGH - Exploit:...