phpCMS 1.1.7 parser.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

Geomi CMS 1.2 & 3.0 - SQL Injection Vulnerability

No description provided by source. + Exploit Title : Geomi CMS by Tridan IT Sql Injection Vunerability Author : ThunDEr HeaD Contact : [email protected] Date : 11-01-2011 HomePage : www.indishell.in Version : 1.2 , 3.0 Tested on : PBL Technology Vulnerability Style : PHPCMS Sql Injection...

phpCMS 1.1.7 counter.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

phpCMS 1.1.7 phpCMS include/class.session_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

phpCMS 1.1.7 include/class.cache_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

CVE-2013-5939

Multiple cross-site scripting XSS vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the 1 list or 2 introduce parameter to index.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the 1 list or 2 introduce parameter to index.php...

CVE-2013-5939

Multiple cross-site scripting XSS vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the 1 list or 2 introduce parameter to index.php...

CVE-2013-5939

CVE-2013-5939 documents multiple cross-site scripting (XSS) vulnerabilities in the PHPCMS Guestbook module. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) introduce parameter to index.php. The NVD entry provides the affected vector as a cl...

PHPCMS 9.5.3 /phpcms/modules/vote/classes/vote_tag.class.php SQL注入漏洞

No description provided by source...

PHPCMS 9.5.3 /phpcms/modules/content/classes/content_tag.class.php SQL注入漏洞

No description provided by source...

phpcms foreground and(background permissions)getshell1-vulnerability warning-the black bar safety net

1, The first first reception of it, to estimate a lot of stations are starting to fill up. For phpcms 2 0 0 8, the secondary attack category, a secondary analysis getshell it. In uploadfield. php br / $uploadallowext = ! empty$C'uploadallowext' ? $C'uploadallowext' : $info'uploadallowext';/p p //...

phpcms v9 front Desk unlimited GETSHELL-a vulnerability warning-the black bar safety net

0×0 1:An Introduction PHPCMS V9（hereinafter referred to V9 with PHP5+MYSQL as the technical basis for development. V9 using OOP for object mode for running based frame structures. The modular development approach as a function of development forms. Framework easy functionality expansion, code...

PHPCMS 2008 /preview.php SQL注入漏洞

No description provided by source...

PHPCMS 2008 SQL注入漏洞

No description provided by source...

phpcms upload cause getshell detailed and case-vulnerability warning-the black bar safety net

0x01 what is upload vulnerability A lot of cms in order to enrich their functions are to provide the upload an avatar, upload pictures and other functions. But if the uploaded content does not do better than the filter, it is equal to say to the attacker to an arbitrary code execution. For exampl...

phpcms 9.4.2 /phpcms/modules/pay/respond.php 路径泄漏

No description provided by source...

PHPCMS Guestbook Cross Site Scripting

CVE-2013-5939:PHPCMS guestbook module Stored XSS Vulnerability Severity: Important Vendor: phpcms.cn Versions Affected: All of use guestbook module phpcms Description: The phpcms has be found the Stored XSS Vulnerability if use the guestbook module.someone can insert xss code at the front...

PHPCMS v9.3.4 content.php SQL注入漏洞

PHPCMS全版本通杀SQL注入漏洞,测试版本为V9.5.3版本，2014-05-12之前的 存在漏洞的文件/phpcms/modules/member/content.php 202行 edit函数 $info = array; foreach$POST'info' as $k=$v ifinarray$k, $fields $POST'info'$k = newhtmlspecialcharstrimscript$v; $POST'linkurl' = strreplacearray'"','','',",",'...

phpcms multiple versions of the background holding shell vulnerability-vulnerability warning-the black bar safety net

Brief description: phpcms multiple versions of the background holding shell vulnerability. Detailed description: url rules with generated static can get the shell. Vulnerability proof: 1, the landing in the background." Extension"—"the URL rule Management"—"Add a rule" ! 2,“URL rule name”must be...