104 matches found
Pointter PHP Content Management System 1.2 Multiple Vulnerabilities
Exploit for php platform in category web applications Vendor: PangramSoft GmbH Product web page: http://www.pointter.com Affected version: 1.2 Summary: Pointter PHP Content Management System is an advanced, fast and user friendly CMS script that can be used to build simple websites or professiona...
JAKCMS <= v2.01 Code Execution Exploit
Exploit for php platform in category web applications !/usr/bin/python JAKCMS query$sql; if $jakdb-affectedrows 0 $row = $result-fetchassoc; $SESSION'JAKLoggedIn' = true; Additionally, functionality in the backend, allows...
MCFileManager Plugin for TinyMCE 3.2.2.3 Arbitrary File Upload
Exploit for php platform in category web applications http://tinymce.moxiecode.com/pluginsfilemanager.php Major version 3 Minor version 2.2.3 Author : Vladimir Vorontsov Contact : d0znpp at gmail dot com Greetz : GNU My Group : ONSEC Russian Security Team DORK: inurl:/tinymce/plugins/filemanager/...
MCFileManager Plugin for TinyMCE 3.2.2.3 - Arbitrary File Upload
============================================== File Upload Vulnerability Plugins tinymce ============================================== http://tinymce.moxiecode.com/pluginsfilemanager.php Major version 3 Minor version 2.2.3 Author : Vladimir Vorontsov Contact : d0znpp at gmail dot com Greetz : GN...
E-Php content management system SQL injection and fix-vulnerability warning-the black bar safety net
Vulnerability type: SQL injection Vulnerability description: E-Php Content Management System CMS, article. php page there is SQL injection. Vulnerability test: http://target/path/cms/article.php?esid=-1+union+select+1,version,3,4,5,6,7,8,9,1 0,1 1,1 2...
E-Php content management system SQL injection exploit-vulnerability warning-the black bar safety net
| E-Php Content Management System CMS, article. php page there is SQL injection. Vulnerability testing: Trojan http://www.chinasg.tk/article.php?esid=-1+union+select+1,version,3,4,5,6,7,8,9,1 0,1 1,1 2...
E-Php Content Management System SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================== E-Php Content Management System SQL Injection Vulnerability =========================================================== In The Name Of GOD + Exploit Title: E-Php Content Management...
HBCMS(Hongbo)1.8.3 list_resource. php blind injection vulnerability-vulnerability warning-the black bar safety net
Affected versions: HBCMSmacro-Bo=1.8.3 Vulnerability description: HBCMS is the domestic more well-known PHP content management system, not yet open source, the source code using the zend encryption. Meet the following three conditions, you can through the MySQL blind injection to get any sensitiv...
Directory traversal
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the contentpath parameter...
CVE-2009-3824
CVE-2009-3824 concerns Greenwood PHP Content Manager 0.3.2, where a directory traversal flaw in include/processor.php allows remote attackers to include and execute arbitrary local files by manipulating the content_path parameter using .. paths. This aligns with the NVD description and CVSS metri...
CVE-2007-6187
Multiple directory traversal vulnerabilities in PHP Content Architect aka NoAh 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. dot dot in the filepath parameter to 1 cssfile.php, 2 jsfile.php, or 3 xmlfile.php in noah/modules/nosystem/templates/...
CVE-2007-6187
Multiple directory traversal vulnerabilities in PHP Content Architect aka NoAh 0.9 pre 1.2 and earlier allow remote attackers to read arbitrary files via a .. dot dot in the filepath parameter to 1 cssfile.php, 2 jsfile.php, or 3 xmlfile.php in noah/modules/nosystem/templates/...
CVE-2007-6187
CVE-2007-6187 describes multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) versions 0.9 pre 1.2 and earlier. The issue allows remote attackers to read arbitrary files by inserting ".." in the filepath parameter to css_file.php, js_file.php, or xml_file.php within noa...
noah-rfi.txt
NoAh 0.9 The PHP Content Architect BUG: Example:http://site.com/path/noah/modules/noevents/templates/mfatheme.php?tpls1=Sh3LL Script Script Download http://sourceforge.net/project/showfiles.php?groupid=131995&packageid=148681&releaseid=318628 [email protected] Special Thanks: x0r0n ajan...
NoAh <= 0.9 pre 1.2 (mfa_theme.php) Remote File Inclusion Vulnerability
No description provided by source. NoAh 0.9 The PHP Content Architect = Remote File Inclusion Vulnerability Dork:: Vuln Code ERROR:noah/modules/noevents/templates/mfatheme.php ?php include$tpls1; ? BUG: Example:http://site.com/path/noah/modules/noevents/templates/mfatheme.php?tpls1=Sh3LL Script...
PHP Content Architect 0.9 pre 1.2 - MFA_Theme.php Remote File Inclusion
PHP Content Architect 0.9 pre 1.2 - MFATheme.php Remote File Inclusion source: https://www.securityfocus.com/bid/23843/info PHP Content Architect is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attack...
PHP Content Architect 0.9 pre 1.2 - 'MFA_Theme.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/23843/info PHP Content Architect is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attac...
NoAh 0.9 pre 1.2 - mfa_theme.php Remote File Inclusion
NoAh 0.9 pre 1.2 - mfatheme.php Remote File Inclusion NoAh 0.9 The PHP Content Architect BUG: Example:http://site.com/path/noah/modules/noevents/templates/mfatheme.php?tpls1=Sh3LL Script Script Download http://sourceforge.net/project/showfiles.php?groupid=131995&packageid=148681&releaseid=318628...
OPENi-CMS 1.0.1beta - config Remote File Inclusion
OPENi-CMS 1.0.1beta - config Remote File Inclusion Update: 22:44 09/11/06 Subject: "OPENi-CMS 1.0.1config Remote File Inclusion Vulnerability " Vulnerable version: OPENi-CMS 1.0.1 Operating System: - All OS Vendor URL: Support - [email protected] Website - http://www.openi-cms.org/ Descriptio...
OPENi-CMS <= 1.0.1beta (config) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ================================================================= OPENi-CMS = 1.0.1beta config Remote File Include Vulnerability ================================================================= Update: 22:44 09/11/06 Subject: "OPENi-CMS...