348 matches found
CVE-2008-7221
RunCMS 1.6.1 is affected by a CSRF vulnerability that lets remote attackers hijack administrator sessions by sending crafted requests to system/admin.php, enabling (1) addition of new administrators or (2) modification of user profiles. The vulnerability is triggered through authenticated admin a...
RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit
No description provided by source. !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org...
RunCMS <= 1.6.3 (double ext) Remote Shell Injection Exploit
Exploit for unknown platform in category web applications =========================================================== RunCMS = 1.6.3 double ext Remote Shell Injection Exploit =========================================================== !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell...
RunCMS 1.6.3 Shell Injection
!/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org ------------------------------ Discovered o...
RunCMS 1.6.3 - Remote Shell Injection
RunCMS 1.6.3 - Remote Shell Injection !/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org...
RunCMS 1.6.3 - Remote Shell Injection
!/usr/bin/perl RunCMS = 1.6.3 "double ext" remote shell injection exploit Note: you may upload files with double extension FCKEditor must be enabled for users by staker ------------------------------ mail: stakerathotmaildotit url: http://www.runcms.org ------------------------------ Discovered o...
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...
CVE-2008-3354
CVE-2008-3354 concerns RunCMS 1.6.1 with the Newbb Plus 0.93 module, where multiple PHP remote file inclusion vulnerabilities allow an attacker to execute arbitrary PHP code. Specifically, the flaw is triggered by supplying a URL in the bbPath[path] parameter to votepolls.php and in the bbPath[ro...
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus newbbplus module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 bbPathpath parameter to votepolls.php and the 2 bbPathroottheme parameter to config.php, different vectors than...
RunCMS 1.6.1 - bbPath[path] Remote File Inclusion
RunCMS 1.6.1 - bbPathpath Remote File Inclusion source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
RunCMS 1.6.1 - bbPath[root_theme] Remote File Inclusion
RunCMS 1.6.1 - bbPathroottheme Remote File Inclusion source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...
RunCMS 1.6.1 - 'bbPath[path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks a...
RunCMS 1.6.1 - 'bbPath[root_theme]' Remote File Inclusion
source: https://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks a...
runcms161-sql.txt
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...
RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================= RunCMS | |||| /| / / ================================================================================================= This is a public Exploit...
RunCMS 1.6.1 - 'msg_image' SQL Injection
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...
RunCMS 1.6.1 - msg_image SQL Injection
RunCMS 1.6.1 - msgimage SQL Injection !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / /...
RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit
No description provided by source. !/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / /...
RunCMS 1.6.1 - pm.class.php Multiple SQL Injections
RunCMS 1.6.1 - pm.class.php Multiple SQL Injections source: https://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...