24 matches found
EUVD-2008-0713
Malware in sbrugna...
CVE-2012-10042 Sflog! CMS 1.0 Arbitrary File Upload RCE
Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials admin:secret and allows authenticated users to upload files via manage.php. The upload mechanism fails to validate file types, enabling...
PT-2025-32395 · Unknown · Sflog! Cms
Name of the Vulnerable Software and Affected Versions: Sflog! CMS version 1.0 Description: Sflog! CMS version 1.0 contains an authenticated arbitrary file upload issue in the blog management interface. The application includes default credentials admin:secret and permits authenticated users to...
Sourceforge sflog! 安全漏洞
Sourceforge sflog! is an open source content management system from Sourceforge. A security vulnerability exists in version 1.0 of Sourceforge sflog!, which stems from the blog management interface not validating file types, and could lead to arbitrary file uploads and remote code execution...
Sflog! CMS 1.0 - Arbitrary File Upload Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
sflog! <= 1.00 - Multiple Vulnerabilities
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-07-05 sflog! = 1.00 Multiple Vulnerabilities Script: sflog! is a flat and light CMS::Blog...
Sflog! CMS 1.0 - Arbitrary File Upload (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Sflog! CMS 1.0...
Sflog! CMS 1.0 Arbitrary File Upload
Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Sflog! CMS 1.0 Arbitrary File Upload
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Sflog! CMS 1.0...
Sflog! CMS 1.0 Arbitrary File Upload Vulnerability
This module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote...
sflog! <= 1.00 Multiple Vulnerabilities
Exploit for php platform in category web applications :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-07-05 sflog! // 1 ..cut.. 53 requireonce"./includes/entries.inc.php";...
sflog! - section Local File Inclusion
sflog! - section Local File Inclusion source: https://www.securityfocus.com/bid/54334/info sflog! is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the...
sflog! 1.00 - Multiple Vulnerabilities
sflog! 1.00 - Multiple Vulnerabilities :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-07-05 sflog! // 1 ..cut.. 53 requireonce"./includes/entries.inc.php"; // 4 ..cut...
sflog! 1.00 LFI / Password Disclosure / Shell Upload
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-07-05 sflog! // 1 ..cut.. 53 requireonce"./includes/entries.inc.php"; // 4 ..cut.. File: ./sflog/includes/pageHeader.inc.ph...
sflog! - 'section' Local File Inclusion
source: https://www.securityfocus.com/bid/54334/info sflog! is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. Thi...
CVE-2008-0703
Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. dot dot in the 1 permalink or 2 section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php...
CVE-2008-0703
CVE-2008-0703 affects sflog! 0.96 with multiple directory traversal flaws that allow remote attackers to read arbitrary files via a .. in the (1) permalink or (2) section parameter to index.php, potentially involving includes/entries.inc.php and other files included by index.php. The connected so...
CVE-2008-0703
Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. dot dot in the 1 permalink or 2 section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php...
sflog! 0.96 remote file disclosure vulnerabilities
sflog! 0.96 remote file disclosure vulnerabilities download http://sourceforge.net/projects/sflog/ author muuratsalo contact muuratsaloatgmail.com exploits http://localhost/sflog/?blog=test&permalink=../../../../../../../../../../etc/passwd...
sflog-disclose.txt
sflog! 0.96 remote file disclosure vulnerabilities download http://sourceforge.net/projects/sflog/ author muuratsalo contact muuratsaloatgmail.com exploits http://localhost/sflog/?blog=test&permalink=../../../../../../../../../../etc/passwd...