Lucene search
K

348 matches found

CVE
CVE
added 2009/09/14 2:0 p.m.47 views

CVE-2008-7221

RunCMS 1.6.1 is affected by a CSRF vulnerability that lets remote attackers hijack administrator sessions by sending crafted requests to system/admin.php, enabling (1) addition of new administrators or (2) modification of user profiles. The vulnerability is triggered through authenticated admin a...

6.8CVSS7.2AI score0.0062EPSS
Exploits0References2Affected Software1
seebug.org
seebug.org
added 2009/07/13 12:0 a.m.22 views

RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit

No description provided by source. !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/07/13 12:0 a.m.22 views

RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit

Exploit for unknown platform in category web applications =========================================================== RunCMS = 1.6.3 double ext Remote Shell Injection Exploit =========================================================== !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/07/13 12:0 a.m.33 views

RunCMS 1.6.3 Shell Injection

!/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org ------------------------------ Discovered o...

Exploits0
exploitpack
exploitpack
added 2009/07/13 12:0 a.m.19 views

RunCMS 1.6.3 - Remote Shell Injection

RunCMS 1.6.3 - Remote Shell Injection !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org...

Exploits0
Exploit DB
Exploit DB
added 2009/07/13 12:0 a.m.36 views

RunCMS 1.6.3 - Remote Shell Injection

!/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org ------------------------------ Discovered o...

7.4AI score
Exploits0
NVD
NVD
added 2008/07/28 5:41 p.m.11 views

CVE-2008-3354

Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...

7.5CVSS7.2AI score0.02544EPSS
Exploits1References3
Prion
Prion
added 2008/07/28 5:41 p.m.166 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...

7.5CVSS7.5AI score0.03997EPSS
Exploits2References3Affected Software2
CVE
CVE
added 2008/07/28 5:0 p.m.479 views

CVE-2008-3354

CVE-2008-3354 concerns RunCMS 1.6.1 with the Newbb Plus 0.93 module, where multiple PHP remote file inclusion vulnerabilities allow an attacker to execute arbitrary PHP code. Specifically, the flaw is triggered by supplying a URL in the bbPath[path] parameter to votepolls.php and in the bbPath[ro...

7.5CVSS7.4AI score0.02544EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2008/07/28 5:0 p.m.22 views

CVE-2008-3354

Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...

7.1AI score0.02544EPSS
Exploits1References3
exploitpack
exploitpack
added 2008/07/21 12:0 a.m.16 views

RunCMS 1.6.1 - bbPath[path] Remote File Inclusion

RunCMS 1.6.1 - bbPathpath Remote File Inclusion source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/07/21 12:0 a.m.12 views

RunCMS 1.6.1 - bbPath[root_theme] Remote File Inclusion

RunCMS 1.6.1 - bbPathroottheme Remote File Inclusion source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/21 12:0 a.m.65 views

RunCMS 1.6.1 - &#039;bbPath[path]&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/21 12:0 a.m.24 views

RunCMS 1.6.1 - &#039;bbPath[root_theme]&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/09 12:0 a.m.23 views

runcms161-sql.txt

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/05/08 12:0 a.m.14 views

RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================= RunCMS | |||| /| / / ================================================================================================= This is a public Exploit...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/08 12:0 a.m.24 views

RunCMS 1.6.1 - &#039;msg_image&#039; SQL Injection

!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/05/08 12:0 a.m.14 views

RunCMS 1.6.1 - msg_image SQL Injection

RunCMS 1.6.1 - msgimage SQL Injection !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / /...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/08 12:0 a.m.27 views

RunCMS &lt;= 1.6.1 (msg_image) SQL Injection Exploit

No description provided by source. !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / /...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/05/06 12:0 a.m.11 views

RunCMS 1.6.1 - pm.class.php Multiple SQL Injections

RunCMS 1.6.1 - pm.class.php Multiple SQL Injections source: https://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...

0.3AI score
Exploits0
Rows per page
Query Builder