34 matches found
SweetRice-CMS-1.5.1-RCE-Exploit
SweetRice CMS 1.5.1 RCE Exploit Overview SweetRice CMS 1.5...
EUVD-2010-5275
Malware in sbrugna...
EUVD-2010-5274
Malware in sbrugna...
EUVD-2010-5276
Malware in sbrugna...
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution Exploit
Exploit for php platform in category web applications Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;? 0day.today 2018-03-31...
SweetRice 1.5.1 Code Execution
Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;?...
SweetRice CMS Cross-Site Scripting Vulnerability
SweetRice is a simple content management system developed using PHP. A cross-site scripting vulnerability in as/index.php in SweetRice CMS versions prior to 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
SweetRice CMS Has Multiple SQL Injection Vulnerabilities
SweetRice is a simple content management system developed using PHP. Multiple SQL injection vulnerabilities in index.php in SweetRice CMS versions prior to 0.6.7.1 allow remote attackers to exploit the vulnerabilities to execute arbitrary SQL commands...
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5317
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
Sql injection
Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via 1 the filename parameter in an attachment action, 2 the post parameter in a showcomment action, 3 the sys-name parameter in an rssfeed action, or 4 the...
Design/Logic Flaw
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
CVE-2010-5316
Cross-site scripting XSS vulnerability in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to inject arbitrary web script or HTML via a topheight cookie...
CVE-2010-5318
The password-reset feature in as/index.php in SweetRice CMS before 0.6.7.1 allows remote attackers to modify the administrator's password by specifying the administrator's e-mail address in the email parameter...
CVE-2010-5317
SweetRice CMS (PHP) contains multiple SQL injection vulnerabilities in index.php prior to version 0.6.7.1. The issues allow remote attackers to inject arbitrary SQL via: (1) file_name in an attachment action, (2) post in show_comment, (3) sys-name in rssfeed, and (4) sys-name in view. Exploitatio...