22 matches found
EUVD-2006-4456
Malware in sbrugna...
EUVD-2005-2416
Malware in sbrugna...
EUVD-2012-6368
Malware in sbrugna...
CVE-2009-3118
SQL injection vulnerability in mod/poll/comment.php in the vote module in Danneo CMS 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the comtext parameter, in conjunction with crafted comname and comtitle parameters, in a poll action to index.php, related to...
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system allows a hacker to perform cross-site scripting attacks.
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system is related to the lack of protection for website structure when processing parameters such as “Vote Button Label”, “Show Results Link”, and “Display Back to vote Link”. Exploiting this...
CVE-2012-6518
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in DiY-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 question parameter to in /modules/poll/add.php or 2 question or 3 answer parameter to modules/poll/edit.php...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
CVE-2012-6518
Cross-site request forgery CSRF vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to the poll module...
CVE-2012-6518
CVE-2012-6518 is a CSRF vulnerability affecting DiY-CMS 1.0, where mod.php allows attackers to hijack administrator authentication by crafting requests to the poll module’s add action. The issue arises from insufficient CSRF protections in the poll creation workflow, enabling unauthorized actions...
CVE-2011-5211
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Cross site scripting
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
CVE-2011-5211
Cross-site scripting XSS vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities
Document Title: =============== DIY CMS v1.0 Poll - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=518 Release Date: ============= 2012-04-26 Vulnerability Laboratory ID VL-ID: ==================================== 518 Produc...
SUBRION CMS Cross Site Scripting / SQL Injection
1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...
SUBRION CMS - Multiple Vulnerabilities
1.SUBRION CMS multiple vulnerabilties vendor: www.subrion.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: © 2011 Powered by Subrion CMS...
Sql injection
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter...
CVE-2008-6853
SQL injection vulnerability in modules/poll/index.php in AIST NetCat 3.0 and 3.12 allows remote attackers to execute arbitrary SQL commands via the PollID parameter...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...