21 matches found
EUVD-2005-2416
Malware in sbrugna...
EUVD-2006-4456
Malware in sbrugna...
EUVD-2012-6368
Malware in sbrugna...
CVE-2009-3118
SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to...
CVE-2012-6518
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in DiY-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 question parameter to in /modules/poll/add.php or 2 question or 3 answer parameter to modules/poll/edit.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
CVE-2012-6518
CVE-2012-6518 is a CSRF vulnerability affecting DiY-CMS 1.0, where mod.php allows attackers to hijack administrator authentication by crafting requests to the poll module’s add action. The issue arises from insufficient CSRF protections in the poll creation workflow, enabling unauthorized actions...
CVE-2012-6518
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
CVE-2011-5211
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Cross site scripting
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
CVE-2011-5211
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities
Document Title: =============== DIY CMS v1.0 Poll - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=518 Release Date: ============= 2012-04-26 Vulnerability Laboratory ID VL-ID: ==================================== 518 Produc...
SUBRION CMS Cross Site Scripting / SQL Injection
1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...
SUBRION CMS - Multiple Vulnerabilities
1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...
Sql injection
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter...
CVE-2008-6853
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
CVE-2005-2415
Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the 1 value parameter to the poll module or 2 pId parameter to the gallery module...