otscms <= 2.1.5 (sql/xss) Multiple Vulnerabilities

No description provided by source. Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS <= 2.1.3 - Multiple Remote File Include Vulnerabilities

No description provided by source. Coding 4 Fun c4f.pl OTSCMS = 2.1.3 by Wrzasq www.otscms.com ; Class = Remote File Inclusion ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4fdotpl ;...

CVE-2007-0847

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

Sql injection

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

CVE-2007-0847

Open Tibia Server CMS (OTSCMS) up to version 2.1.5 is affected by a SQL injection in mod/PM/reply.php, exploitable via the id parameter to priv.php. This allows remote attackers to execute arbitrary SQL commands. The affected component is the web-based CMS for OTSCMS; root cause is improper handl...

CVE-2007-0846

CVE-2007-0846 is an XSS vulnerability in Open Tibia Server CMS (OTSCMS) ≤ 2.1.5, exploitable via the name parameter in forum.php. The underlying issue is improper input handling that allows arbitrary HTML/script injection, enabling an attacker to influence pages viewed by other users. The CVSS ba...

CVE-2007-0846

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

otscms-multi.txt

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS &lt;= 2.1.5 &#40;SQL/XSS&#41; Multiple Remote Vulnerabilities

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS &lt;= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://s...

otscms 2.1.5 - SQL Injection Cross-Site Scripting

otscms 2.1.5 - SQL Injection Cross-Site Scripting Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS <= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= OTSCMS extract'id' ; // reads message $pm = $db-query'SELECT pms.name AS name ... ' AND pms.id = ' . $id-fetchAll; --- $pm = $pm0; ... Example : http://target/path/priv.php?comman...

otscms 2.1.5 - SQL Injection / Cross-Site Scripting

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS &lt;= 2.1.3 Multiple Remote File Include Vulnerabilities

No description provided by source. Coding 4 Fun c4f.pl OTSCMS = 2.1.3 by Wrzasq www.otscms.com ; Class = Remote File Inclusion ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4fdotpl ;...

CVE-2006-5546

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesclasses parameter...

CVE-2006-5547

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesincludes parameter...

CVE-2006-5548

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigdirectoriesclasses parameter...

CVE-2006-5548

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigdirectoriesclasses parameter...

CVE-2006-5548

CVE-2006-5548 discusses a PHP remote file inclusion vulnerability in OTSCMS (Open Tibia Server Content Management System). The issue affects OTSCMS versions 2.0.0 through 2.1.3 and stems from an insecure usage of GLOBALS[config][directories][classes] in OTSCMS.php, allowing remote attackers to ex...

CVE-2006-5546

CVE-2006-5546 affects OTSCMS (Open Tibia Server Content Management System) versions 1.3.0 through 1.4.1. The vulnerability is a PHP remote file inclusion in OTSCMS/OTSCMS.php that allows remote attackers to execute arbitrary PHP code via a URL supplied in the GLOBALS[config][otscms][directories][...