OTSCMS <= 2.1.3 - Multiple Remote File Include Vulnerabilities

No description provided by source. Coding 4 Fun c4f.pl OTSCMS = 2.1.3 by Wrzasq www.otscms.com ; Class = Remote File Inclusion ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4fdotpl ;...

otscms <= 2.1.5 (sql/xss) Multiple Vulnerabilities

No description provided by source. Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

Sql injection

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

CVE-2007-0847

SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to priv.php...

CVE-2007-0846

CVE-2007-0846 is an XSS vulnerability in Open Tibia Server CMS (OTSCMS) ≤ 2.1.5, exploitable via the name parameter in forum.php. The underlying issue is improper input handling that allows arbitrary HTML/script injection, enabling an attacker to influence pages viewed by other users. The CVSS ba...

CVE-2007-0846

Cross-site scripting XSS vulnerability in forum.php in Open Tibia Server CMS OTSCMS 2.1.5 and earlier allows remote attackers to inject arbitrary HTML or web script via the name parameter...

CVE-2007-0847

Open Tibia Server CMS (OTSCMS) up to version 2.1.5 is affected by a SQL injection in mod/PM/reply.php, exploitable via the id parameter to priv.php. This allows remote attackers to execute arbitrary SQL commands. The affected component is the web-based CMS for OTSCMS; root cause is improper handl...

otscms-multi.txt

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS &lt;= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://s...

OTSCMS &lt;= 2.1.5 &#40;SQL/XSS&#41; Multiple Remote Vulnerabilities

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS <= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= OTSCMS extract'id' ; // reads message $pm = $db-query'SELECT pms.name AS name ... ' AND pms.id = ' . $id-fetchAll; --- $pm = $pm0; ... Example : http://target/path/priv.php?comman...

otscms 2.1.5 - SQL Injection Cross-Site Scripting

otscms 2.1.5 - SQL Injection Cross-Site Scripting Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

otscms 2.1.5 - SQL Injection / Cross-Site Scripting

Coding 4 Fun Name = OTSCMS 2.1.5 by Wrzasq http://otscms.com ; Class = Sql Injection / XSS ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4f.pl http://c4f.pl ;...

OTSCMS &lt;= 2.1.3 Multiple Remote File Include Vulnerabilities

No description provided by source. Coding 4 Fun c4f.pl OTSCMS = 2.1.3 by Wrzasq www.otscms.com ; Class = Remote File Inclusion ; Download = http://sourceforge.net/project/showfiles.php?groupid=145557 ; Found by = GregStar gregstaratc4fdotpl ;...

CVE-2006-5546

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesclasses parameter...

CVE-2006-5548

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigdirectoriesclasses parameter...

CVE-2006-5547

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesincludes parameter...

CVE-2006-5547

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesincludes parameter...

CVE-2006-5546

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigotscmsdirectoriesclasses parameter...

CVE-2006-5547

The CVE-2006-5547 entry concerns OTSCMS (Open Tibia Server Content Management System) versions 1.0.0 through 1.0.3. A PHP remote file inclusion flaw exists in OTSCMS.php via a crafted URL assigned to GLOBALS[config][otscms][directories][includes], enabling an attacker to execute arbitrary PHP cod...