MAL-2022-271 Malicious code in @feis-vanilla/cms-intl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5acba4a5007bbdb759150c8b21641818c0544b61fffec01d2ee2a06618e04606 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

VanillaCMS.txt

Vanilla CMS = 1.0.1 RootDirectory Remote file inclusion Vuln. Vendor : Vanilla CMS Demo : http://demo.opensourcecms.com/vanilla/ Get Source : http://getvanilla.org/ Vuln type : Remote Risk : High Author : MFox HomePage : Http://hackerz.ir/ Team : IHST Iran HackerZ Security Team Contact :...

CVE-2006-3850

PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/oldsettings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who states that the...

CVE-2006-3850

PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/oldsettings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who states that the...

CVE-2006-3850

Vanilla CMS 1.0.1 and earlier contains a remote file inclusion vulnerability in upgrader.php when /conf/old_settings.php exists. An attacker can dereference a URL in the RootDirectory parameter to execute arbitrary PHP code. The issue has been disputed for version 1.0 (some sources state the Root...

[KurdishVanilla CMS <= 1.0.1 (RootDirectory) Remote file inclusion Vuln.]

Vanilla CMS = 1.0.1 RootDirectory Remote file inclusion Vuln. Vendor : Vanilla CMS Demo : http://demo.opensourcecms.com/vanilla/ Get Source : http://getvanilla.org/ Vuln type : Remote Risk : High Author : MFox HomePage : Http://hackerz.ir/ Team : IHST Iran HackerZ Security Team Contact :...