22 matches found
EUVD-2010-3478
Malware in sbrugna...
EUVD-2010-3479
Malware in sbrugna...
php microcms 1.0.1 - Multiple Vulnerabilities
No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-15-php-microcms-1-0-1-multiple-remote-vulnerabilities/ ''' Title : PHP MicroCMS 1.0.1 Multiple Remote...
PHP MicroCMS 1.0.1 CSRF and XSS Vulnerabilities
No description provided by source. Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability...
XSS vulnerability in PHP MicroCMS
Vulnerability ID: HTB22764 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: XSS Cross Site Scripti...
XSRF (CSRF) in PHP MicroCMS
Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: CSRF Cross-Site Request Forger...
PHP MicroCMS 1.0.1 CSRF and XSS Vulnerabilities
Exploit for php platform in category web applications Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: CSRF Cross-Site Request Forgery Status: Not Fixed, Vendor Alerted, Awaiti...
PHP MicroCMS 1.0.1 - Cross-Site Request Forgery Cross-Site Scripting
PHP MicroCMS 1.0.1 - Cross-Site Request Forgery Cross-Site Scripting Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification...
PHP MicroCMS 1.0.1 - 'page_text' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45702/info PHP MicroCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
PHP MicroCMS 1.0.1 - page_text Cross-Site Scripting
PHP MicroCMS 1.0.1 - pagetext Cross-Site Scripting source: https://www.securityfocus.com/bid/45702/info PHP MicroCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code ...
PHP MicroCMS 1.0.1 - Cross-Site Request Forgery / Cross-Site Scripting
Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability Type: CSRF Cross-Site Request Forger...
PHP MicroCMS 1.0.1 Cross Site Request Forgery / Cross Site Scripting
================================== Vulnerability ID: HTB22765 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpmicrocms.html Product: PHP MicroCMS Vendor: ApPHP http://www.apphp.com/ Vulnerable Version: 1.0.1 and probably prior versions Vendor Notification: 21 December 2010 Vulnerability...
Cross-site Request Forgery (CSRF) Vulnerabilities in PHP MicroCMS
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in PHP MicroCMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in PHP MicroCMS 1.1 The vulnerability exists due to insufficient validation of the...
CVE-2010-3480
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...
Sql injection
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password variables, possibly related to include/classes/Login.php. NOTE: some of these details are...
CVE-2010-3481
CVE-2010-3481 affects ApPHP PHP MicroCMS 1.0.1. It discloses multiple SQL injection vulnerabilities in login.php when magic_quotes_gpc is disabled, allowing remote attackers to potentially execute arbitrary SQL via (1) user_name and (2) password variables, possibly tied to include/classes/Login.p...
CVE-2010-3480
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...
Month Of Abysssec Undisclosed Bugs - PHP MicroCMS 1.0.1
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | wronglogin = false; if !$this-isloggedin && $POST'submit' == "Login" && !empty$POST'username' && !empty$POST'password' $this-dologin$POST'username', $POST'password'; else if $POST'submitlogout' == "Logout"...
PHP MicroCMS 1.0.1 Multiple Remote Vulnerabilities
Exploit for php platform in category web applications ================================================== PHP MicroCMS 1.0.1 Multiple Remote Vulnerabilities ================================================== Title : PHP MicroCMS 1.0.1 Multiple Remote Vulnerabilities Affected Version : PHP MicroCMS...
PHP MicroCMS Local File Include and SQL Injection Vulnerabilities
PHP MicroCMS is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to view and execute arbitrary local fil...