104 matches found
CVE-2007-6202
CVE-2007-6202 exposes a SQL injection in Neocrome Seditio CMS (plugins/search/search.php, via plug.php) on version 121 and earlier. The vulnerability arises from unsanitized input to the pag_sub parameter used in database queries when magic_quotes_gpc is disabled, allowing remote attackers to man...
seditio-sql.txt
= 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv0 http://site.com/ -p=cms\n"; echo "php $argv0...
Seditio CMS 121 Remote SQL Injection Exploit
No description provided by source. = 4.1, magicquotesgpc=Off echo \\\"------------------------------------------------------------\\\\n\\\"; echo \\\"Seditio CMS - use specific prefix default sed\\\\n\\\"; echo \\\"-id= &nb...
Seditio CMS <= 121 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================== Seditio CMS = 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific...
Seditio CMS <= 121 Remote SQL Injection Exploit
No description provided by source. ?php Seditio CMS = 121 Remote SQL Injection Exploit Software site: http://www.neocrome.net/ By InATeam http://inattack.ru/ Requirements: MySQL = 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS = 12...
Seditio CMS 121 - SQL Injection
= 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv0 http://site.com/ -p=cms\n"; echo "php $argv0...
Seditio CMS 121 - SQL Injection
Seditio CMS 121 - SQL Injection = 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv0 http://site.com/ -p=cms\n...
Unrestricted file upload
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with 1 .php.gif, 2 .php.jpg, or 3 .php.png...
CVE-2007-4057
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with 1 .php.gif, 2 .php.jpg, or 3 .php.png...
CVE-2007-4057
Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with 1 .php.gif, 2 .php.jpg, or 3 .php.png...
CVE-2007-4057
The CVE-2007-4057 entry describes an unrestricted file upload vulnerability in Neocrome Seditio (pfs.php) affecting 121 and earlier. Remote authenticated users can upload arbitrary PHP code by supplying a filename ending in (1) .php.gif, (2) .php.jpg, or (3) .php.png, enabling code execution on t...
Seditio CMS <= v121 (pfs.php) Remote File Upload Vulnerability
No description provided by source. Seditio CMS Remote File Upload Vulnerability ReSearcher : A.D.T Script : Seditio and Ldu Cms Version : All Versions Script HomePage : http://neocrome.net/ Dork : "powered by seditio" or "powered by ldu" Risk : Very High! Usage : Firstly, you register the victim...
seditio-upload.txt
Seditio CMS Remote File Upload Vulnerability ReSearcher : A.D.T Script : Seditio and Ldu Cms Version : All Versions Script HomePage : http://neocrome.net/ Dork : "powered by seditio" or "powered by ldu" Risk : Very High! Usage : Firstly, you register the victim web site. After, go to "pfs.php" an...
Seditio CMS <= v121 (pfs.php) Remote File Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================== Seditio CMS = v121 pfs.php Remote File Upload Vulnerability ============================================================== Seditio CMS Remote File Upload Vulnerability ReSearch...
Seditio CMS 121 - 'pfs.php' Arbitrary File Upload
Seditio CMS Remote File Upload Vulnerability ReSearcher : A.D.T Script : Seditio and Ldu Cms Version : All Versions Script HomePage : http://neocrome.net/ Dork : "powered by seditio" or "powered by ldu" Risk : Very High! Usage : Firstly, you register the victim web site. After, go to "pfs.php" an...
Seditio CMS 121 - pfs.php Arbitrary File Upload
Seditio CMS 121 - pfs.php Arbitrary File Upload Seditio CMS Remote File Upload Vulnerability ReSearcher : A.D.T Script : Seditio and Ldu Cms Version : All Versions Script HomePage : http://neocrome.net/ Dork : "powered by seditio" or "powered by ldu" Risk : Very High! Usage : Firstly, you registe...
Seditio Detection
The remote host is running Seditio, a moduler website engine powered by PHP and MySQL. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid23785; scriptversion"1.14"; scriptsetattributeattribute:"pluginmodificationdate...
CVE-2006-6344
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and attack vectors related to 1 plugins/ipsearch/ipsearch.admin.php, and 2 pfs/pfs.edit.inc.php, 3 users/users.register.inc.php in system/core. NOTE: the users.profile.inc.php vector is identified by...
CVE-2006-6343
SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2006-6344
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and attack vectors related to 1 plugins/ipsearch/ipsearch.admin.php, and 2 pfs/pfs.edit.inc.php, 3 users/users.register.inc.php in system/core. NOTE: the users.profile.inc.php vector is identified by...