26 matches found
EUVD-2003-1204
Malware in sbrugna...
EUVD-2008-2132
Malware in sbrugna...
VisualShapers EzContents 2.0.3 Loginreq2.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code...
VisualShapers EZContents 1.4/2.0 Module.PHP Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9396/info A problem in handling of specific types of input passed to the module.php script in VisualShapers ezContents has been discovered. Because of this, an attacker may be able to gain unauthorized access to vulnerabl...
VisualShapers ezContents <= 2.0.3 Authentication Bypass and Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/37858/info VisualShapers ezContents is prone to an authentication-bypass vulnerability and multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL quer...
VisualShapers ezContents 1.4.5 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26737/info VisualShapers ezContents is prone to a vulnerability that allows remote attackers to display the contents of arbitrary local files in the context of the webserver process. An attacker can exploit this issue to...
VisualShapers EZContents 2.0.3 - Authentication Bypass Multiple SQL Injections
VisualShapers EZContents 2.0.3 - Authentication Bypass Multiple SQL Injections source: https://www.securityfocus.com/bid/37858/info VisualShapers ezContents is prone to an authentication-bypass vulnerability and multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize...
VisualShapers EZContents 2.0.3 - Authentication Bypass / Multiple SQL Injections
source: https://www.securityfocus.com/bid/37858/info VisualShapers ezContents is prone to an authentication-bypass vulnerability and multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
CVE-2008-2135
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the 1 contentname parameter to showdetails.php and the 2 article parameter to printer.php...
Sql injection
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the 1 contentname parameter to showdetails.php and the 2 article parameter to printer.php...
CVE-2008-2135
CVE-2008-2135 affects VisualShapers ezContents 2.0.0. The vulnerability is described as multiple SQL injection flaws in showdetails.php (parameter: contentname) and printer.php (parameter: article), allowing remote attackers to construct arbitrary SQL commands. The NVD entry lists a HIGH base sco...
CVE-2008-2135
Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the 1 contentname parameter to showdetails.php and the 2 article parameter to printer.php...
ezcontents-disclosure.txt
-------------------------------------------------------------- ezContents Version 1.4.5 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.visualshapers.com/ author : p4imi0 contact : [email protected] exploit :...
ezContents Version 1.4.5 Remote File Disclosure Vulnerability.
-------------------------------------------------------------- ezContents Version 1.4.5 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.visualshapers.com/ author : p4imi0 contact : [email protected] exploit :...
EZContents 1.4.5 - index.php?link Remote File Disclosure
EZContents 1.4.5 - index.php?link Remote File Disclosure -------------------------------------------------------------- ezContents Version 1.4.5 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.visualshapers.com/ author :...
EZContents 1.4.5 - 'index.php?link' Remote File Disclosure
-------------------------------------------------------------- ezContents Version 1.4.5 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.visualshapers.com/ author : p4imi0 contact : [email protected] exploit :...
VisualShapers EZContents 1.4.5 - File Disclosure
VisualShapers EZContents 1.4.5 - File Disclosure source: https://www.securityfocus.com/bid/26737/info VisualShapers ezContents is prone to a vulnerability that allows remote attackers to display the contents of arbitrary local files in the context of the webserver process. An attacker can exploit...
VisualShapers EZContents 1.4.5 - File Disclosure
source: https://www.securityfocus.com/bid/26737/info VisualShapers ezContents is prone to a vulnerability that allows remote attackers to display the contents of arbitrary local files in the context of the webserver process. An attacker can exploit this issue to retrieve potentially sensitive...
Visualshapers EzContents GLOBALS[rootdp]远程文件包含漏洞
Visualshapers EzContents是一款基于PHP的内容管理程序。 Visualshapers EzContents不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于多个脚本对用户提交的WEB参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 VisualShapers ezContents 2.0.3 漏洞提供者 DarkFig...
VisualShapers EZContents 2.0.3 - 'Loginreq2.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/19780/info ezContents is prone to a cross-site scripting vulnerability because it fails to sanitize input before displaying it to users of the application. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...