47 matches found
Pacer Edition CMS 2.1 Remote XSS POST Injection Vulnerability
Summary The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer Edition CMS was based from Website baker core and has been completely redesigned with a whole new look and feel along with many new advanced features to allow you to build sit...
Kentico CMS 5.5R2.23 Cross Site Scripting
Kentico CMS =5.5R2.23 Cross-Site Scripting POST Injection Vulnerability Vendor: Kentico Software Product web page: http://www.kentico.com Affected version: 5.5R2.23 and bellow Summary: .NET Web Content Management System for ASP.NET Desc: Kentico CMS suffers from a XSS vulnerability when parsing...
Kentico CMS <=5.5R2.23 Cross-Site Scripting POST Injection Vulnerability
Summary .NET Web Content Management System for ASP.NET. Description Kentico CMS suffers from a XSS vulnerability when parsing user input to the 'userContextMenuparameter' parameter via POST method in '/examples/webparts/membership/users-viewer.aspx'. Attackers can exploit this weakness to execute...
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $...
MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability
Summary MODx Revolution is a powerful PHP Content Management Framework that plays nicely with custom code and helps you build sites faster and maintain them with ease. With Revolution you'll leverage the best things to come around since MVC and Active Record. Description The MODx Revolution CMS...
Dvbbs8 Action Network Forum latest 0day research-vulnerability warning-the black bar safety net
I here it has been assumed that a DVBBS8 SQL: We first register a user, just find a post. Just broke。。。。 We have to re-send a post. Discovery table review, where to capture | POST /dvbbs8/Appraise. asp? action=save HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,...
phpBB Attachment Mod Directory Traversal HTTP POST Injection
//------------------------------------------------------------------- CastleCopsSM Security Advisory 14 Dec 2004 --------------------------------------------------------------------- http://castlecops.com/ --------------------------------------------------------------------- Severity: High Title:...