348 matches found
runcms 2.2.2 - Multiple Vulnerabilities
No description provided by source. Source: http://packetstormsecurity.org/files/view/98472/runcms-sqlxss.txt ================================ Vulnerability ID: HTB22820 Reference: http://www.htbridge.ch/advisory/sqlinjectioninruncms.html Product: RunCMS Vendor: http://www.runcms.org/...
RunCMS 1.6.1 config.php bbPath[root_theme] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the...
RunCMS 1.1/1.2 NewBB_Plus and Messages Modules Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14631/info RunCMS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
RunCMS 1.6 - Remote Blind SQL Injection Exploit (IDS evasion)
No description provided by source. RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion. Exploit get hash of admin password. Exploit is invisible for RUNCMS sql injection detecting mechanism. Tested on RUNCMS english version 1.6. Date of Public EXPLOIT:...
RunCMS 1.x Avatar Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20874/info RunCMS is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process...
RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit
No description provided by source. <?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS <= 1.2 arbitrary remote inclusion exploit <= 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: But when the...
RunCMS 1.6.1 - 'pm.class.php' Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29069/info RunCMS is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
RunCMS 1.x Ratefile.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16769/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
RunCMS 1.x Bigshow.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16970/info RunCMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated HTML content. An...
runcms 1.6 - Multiple Vulnerabilities
No description provided by source. Digital Security Research Group Advisory Application: RunCMS Versions Affected: RunCMS 1.6 Vendor URL: http://www.runcms.org Bugs: SQL Injections, XSS, PHP Include, Predictable session id, etc. Exploits: Available Reported: 14.12.2007 Vendor response: 15.12.2007...
RunCMS 1.2/1.3 PMLite.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16652/info RunCMS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow...
RunCMS <= 1.6 disclaimer.php Remote File Overwrite Exploit
No description provided by source. <?php WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCmss Bug Yahoo! Crawler Vendor: http://www.runcms.org/ Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versions also may be affected Exploitation: Remote with browser...
RunCMS <= 1.6 - Local File Inclusion Vulnerability
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCms Multiple Vulnerabilities Vendor: http://www.runcms.org/ Bugs: Local File Inclusion, Modules Authorization Weakness Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versio...
RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit
No description provided by source. #!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindow(title => "UnderWHAT?!"); $mw->geometry('420x383'); $mw->resizable(0,0); $mw->Label(-text => '', -font => 'Verdana 8', -foreground => 'red')->pack(); $mw->Label(-text => 'Newbb_plus <=...
RunCMS 1.6.1 votepolls.php bbPath[path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the...
RunCMS 1.1 Database Configuration Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12848/info RunCMS is reportedly affected by an information disclosure vulnerability. This issue is due to a failure in the application to secure sensitive information. Exploitation of this vulnerability could lead to the...
RunCMS 'forum' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36816/info RunCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
RunCMS <= 1.6.1 (msg_image) SQL Injection Exploit
No description provided by source. #!/usr/bin/python ...
RunCMS 1.6.1 'admin.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27852/info RunCMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of...
RunCms <= 1.5.2 (debug_show.php) Remote SQL Injection Exploit
No description provided by source. <?php print_r(' -------------------------------------------------------------------------- RunCms <= 1.5.2 /class/debug/debug_show.php sql injection / credentials disclosure exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org dork: Runcm...