CMS Made Simple <= 2.2.21 Multiple Vulnerabilities

CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cmsmadesimple:cmsmadesimple...

Concrete5 CMS 8.3.0 - Username Comments Enumeration

Concrete5 CMS 8.3.0 - Username Comments Enumeration !/usr/bin/env python3 Concrete5 8.3 vulnerable to Authorization Bypass Through User-Controlled Key IDOR CVE-2017-18195 Chapman R3naissance Schleiss from queue import Queue from threading import Thread from bs4 import BeautifulSoup from tabulate...

Spitfire CMS 1.1.4 - Cross-Site Request Forgery

Spitfire CMS 1.1.4 - Cross-Site Request Forgery Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://spitfire.clausmuus.de/...

Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems

Hello Bugtraq! I want to warn you about Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems. It's additional information to my advisories about MiniManager for Project MANGOS and HoloCMS. I have reported already about Insufficient Anti-automation and Denial of...