15 matches found
EUVD-2009-1402
Malware in sbrugna...
EUVD-2009-1403
Malware in sbrugna...
pastelcms 0.8.0 (lfi/sql) Multiple Vulnerabilities
No description provided by source. + PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Download : http://pastel.pri.ee/?id=58 + Local File Inclusion PoC : http://127.0.0.1/path/?setlng=../../../../../../BOOTSECT.BAK%00 + SQL...
CVE-2009-1404
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user Username parameter...
Sql injection
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user Username parameter...
CVE-2009-1405
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the setlng parameter...
Directory traversal
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the setlng parameter...
CVE-2009-1405
CVE-2009-1405 : Affected software is PastelCMS 0.8.0. The vulnerability is a directory traversal in index.php allowing remote inclusion/execution of local files via a ".." in the set_lng parameter when magic_quotes_gpc is disabled. This is the core impact described in the connected documents. The...
CVE-2009-1404
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user Username parameter...
CVE-2009-1405
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the setlng parameter...
CVE-2009-1404
CVE-2009-1404 affects PastelCMS 0.8.0 (admin.php). The vulnerability is a SQL injection in which, when magic_quotes_gpc is disabled, a remote attacker can cause arbitrary SQL commands via the user (Username) parameter. The description from NVD confirms the form of injection and affected component...
PastelCMS 0.8.0 (LFI/SQL) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ========================================================= PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities ========================================================= + PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities +...
PastelCMS 0.8.0 (LFI/SQL) Multiple Remote Vulnerabilities
No description provided by source. + PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Download : http://pastel.pri.ee/?id=58 + Local File Inclusion PoC : http://127.0.0.1/path/?setlng=../../../../../../BOOTSECT.BAK%00 + SQL...
pastelcms 0.8.0 - Local File Inclusion SQL Injection
pastelcms 0.8.0 - Local File Inclusion SQL Injection + PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Download : http://pastel.pri.ee/?id=58 + Local File Inclusion PoC :...
pastelcms 0.8.0 - Local File Inclusion / SQL Injection
PastelCMS 0.8.0 LFI/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.net + www.h4cky0u.org + Download : http://pastel.pri.ee/?id=58 + Local File Inclusion PoC : http://127.0.0.1/path/?setlng=../../../../../../BOOTSECT.BAK%00 + SQL Injection Login Bypass - Go to :...