Lucene search
+L

29 matches found

securityvulns
securityvulns
added 2008/06/26 12:0 a.m.141 views

The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities

========================================================== The Rat CMS SQL/XSS Multiple Remote Vulnerabilities ========================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

1.5AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/26 12:0 a.m.49 views

The Rat CMS - 'viewarticle.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to...

7AI score
Exploits0
exploitpack
exploitpack
added 2008/06/26 12:0 a.m.12 views

The Rat CMS - viewarticle2.php?id SQL Injection

The Rat CMS - viewarticle2.php?id SQL Injection source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...

8.7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/03 12:0 a.m.22 views

SiteXS CMS 0.1.1 - 'upload.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/29029/info SiteXS is prone to a vulnerability that lets remote attackers upload and execute arbitrary script code because the application fails to sanitize user-supplied input. An attacker can leverage this issue to execute arbitrary code on an affected...

7.4AI score
Exploits0
CVE
CVE
added 2008/05/01 6:0 p.m.42 views

CVE-2008-2046

CVE-2008-2046 describes a cross-site scripting (XSS) vulnerability in the Softpedia SiteXS CMS 0.1.1 Pre-Alpha. The issue resides in index.php and allows remote attackers to inject arbitrary web script or HTML via the user parameter. Documented impact is partial integrity exposure with no confide...

4.3CVSS5.7AI score0.01436EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2006/09/27 11:0 p.m.21 views

CVE-2006-5027

Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files 1 dbmsql.inc, 2 dbmssql.inc, 3 dbmysql.inc, 4 dboci8.inc, 5 dbodbc.inc, 6 dboracle.inc, and 7 dbpgsql.inc; and 8 dbsybase.inc, which reveals the pa...

6.3AI score0.01316EPSS
Exploits0References3
NVD
NVD
added 2006/09/06 12:4 a.m.16 views

CVE-2006-4545

PHP remote file inclusion vulnerability in ModuleBased CMS Pre-Alpha allows remote attackers to execute arbitrary PHP code via the SERVER parameter in 1 admin/avatar.php, 2 libs/archive.class.php, 3 libs/login.php, 4 libs/profiles.class.php, and 5 libs/profile/proccess.php. NOTE: CVE disputes thi...

7.5CVSS7.6AI score0.02684EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2006/09/06 12:0 a.m.4 views

PT-2006-5338 · Modulebased · Modulebased Cms

Name of the Vulnerable Software and Affected Versions: ModuleBased CMS Pre-Alpha Description: The issue allows remote attackers to execute arbitrary PHP code via the SERVER parameter in several files, including "admin/avatar.php", "libs/archive.class.php", "libs/login.php",...

7.5CVSS7.7AI score0.02684EPSS
Exploits1References8
CVE
CVE
added 2006/09/06 12:0 a.m.36 views

CVE-2006-4545

ModuleBased CMS Pre-Alpha is affected by a PHP remote file inclusion risk in multiple files (admin/avatar.php, libs/archive.class.php, libs/login.php, libs/profiles.class.php, libs/profile/proccess.php) via the _SERVER parameter. The underlying concern is that the _SERVER array and _SERVER[DOCUME...

7.5CVSS8AI score0.02684EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder