CVE-2011-10009

Affected software: S40 CMS v0.4.2. Vulnerability: path traversal via the index.php page handler; the p parameter is not properly sanitized, enabling traversal of the file system and access to arbitrary files outside the web root. Impact: remote, unauthenticated exploitation leading to potential e...

PT-2025-33078 · S40 Cms · S40 Cms

Name of the Vulnerable Software and Affected Versions: S40 CMS version 0.4.2 Description: S40 CMS version 0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary fil...

S40 CMS 安全漏洞

S40 CMS is a content management system by Osirys Personal Developers. A security vulnerability exists in S40 CMS version 0.4.2, which stems from improper cleaning of the parameter p in the index.php page handler, which could lead to a path traversal attack...

S40 0.4.2 CMS Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'S40 0.4.2 CMS Directory Traversal Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability found in S40 CMS. T...

S40 CMS 0.4.1 Change Admin Passwd CSRF Exploit

No description provided by source...

S40 0.4.2 CMS Directory Traversal Vulnerability

This module exploits a directory traversal vulnerability found in S40 CMS. The flaw is due to the 'page' function not properly handling the $pid parameter, which allows a malicious user to load an arbitrary file path. This module requires Metasploit: https://metasploit.com/download Current source...

S40 Content Management System (CMS) Cross-Site Scripting Vulnerability

S40 Content Management System CMS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

S40 CMS 0.4.2b LFI Vulnerability

Exploit for php platform in category web applications Security Advisory Details: 07/04/2001 Script S40 CMS 0.4.2 Beta Location http://s40.biz/?p=download Vulnerability Local File Inclusion Original Adv http://y-osirys.com/security/exploits/id27 Author Giovanni Buzzin, "Osirys" Site y-osirys.com...

S40 CMS 0.4.2b LFI Vulnerability

No description provided by source. Script S40 CMS 0.4.2 Beta Location http://s40.biz/?p=download Vulnerability Local File Inclusion Original Adv http://y-osirys.com/security/exploits/id27 Author Giovanni Buzzin, "Osirys" Site y-osirys.com Contact osirysatautisticidotorg...

S40 CMS 0.4.2b - Local File Inclusion

Security Advisory Details: 07/04/2001 Script S40 CMS 0.4.2 Beta Location http://s40.biz/?p=download Vulnerability Local File Inclusion Original Adv http://y-osirys.com/security/exploits/id27 Author Giovanni Buzzin, "Osirys" Site y-osirys.com Contact osirysatautisticidotorg...

S40 CMS 0.4.2b - Local File Inclusion

S40 CMS 0.4.2b - Local File Inclusion Security Advisory Details: 07/04/2001 Script S40 CMS 0.4.2 Beta Location http://s40.biz/?p=download Vulnerability Local File Inclusion Original Adv http://y-osirys.com/security/exploits/id27 Author Giovanni Buzzin, "Osirys" Site y-osirys.com Contact...

S40 CMS 0.4.2b Local File Inclusion

Security Advisory Details: 07/04/2001 Script S40 CMS 0.4.2 Beta Location http://s40.biz/?p=download Vulnerability Local File Inclusion Original Adv http://y-osirys.com/security/exploits/id27 Author Giovanni Buzzin, "Osirys" Site y-osirys.com Contact osirysatautisticidotorg...

S40 CMS v.0.4.1 Change Admin Passwd CSRF Exploit

Exploit for php platform in category web applications In The Name Of GOD + Exploit Title:remote change user and password exploit + Date: 2010 + script:S40 CMS v.0.4.1 beta + Software: http://s40.biz/?p=download + Author : pentesters.ir +discovered by:ahmadbady + Contact : email protected + Websit...

S40 CMS 0.4.1 Cross Site Request Forgery

In The Name Of GOD + Exploit Title:remote change user and password exploit + Date: 2010 + script:S40 CMS v.0.4.1 beta + Software: http://s40.biz/?p=download + Author : pentesters.ir +discovered by:ahmadbady + Contact : [email protected] + Website : WwW.PenTesters.IR expl: coded by ahmadbady...

S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)

In The Name Of GOD + Exploit Title:remote change user and password exploit + Date: 2010 + script:S40 CMS v.0.4.1 beta + Software: http://s40.biz/?p=download + Author : pentesters.ir +discovered by:ahmadbady + Contact : [email protected] + Website : WwW.PenTesters.IR expl: coded by ahmadbady...

S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)

S40 CMS 0.4.1 - Cross-Site Request Forgery Change Admin Password In The Name Of GOD + Exploit Title:remote change user and password exploit + Date: 2010 + script:S40 CMS v.0.4.1 beta + Software: http://s40.biz/?p=download + Author : pentesters.ir +discovered by:ahmadbady + Contact :...