Lucene search
K

33 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-2291

Malware in sbrugna...

10CVSS6.4AI score0.03204EPSS
Exploits0References5
myhack58
myhack58
added 2011/03/31 12:0 a.m.33 views

PHP-Nuke 8. x <= "chng_uid" blind defect and repair-vulnerability warning-the black bar safety net

Affected version: PHP-Nuke 8. x = Vulnerability description: PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articles with users system. Each user can submit comments to discuss the articles. Main features...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2011/03/28 12:0 a.m.27 views

PHP-Nuke 8.x &lt;= &quot;chng_uid&quot; Blind SQL Injection Vulnerability

PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articles with users system. Each user can submit comments to discuss the articles. Main features include: web based admin, surveys, top page, access stats pag...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/23 12:0 a.m.34 views

PHP-Nuke 8.x Cross Site Scripting

PHP-Nuke 8.x = Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scrtipting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2011/03/23 12:0 a.m.68 views

PHP-Nuke 8.x &lt;= &quot;chng_uid&quot; Blind SQL Injection Vulnerability

PHP-Nuke 8.x = Blind SQL Injection Vulnerability 1. OVERVIEW The administration backend of PHP-Nuke 8.x is vulnerable to Blind SQL Injection. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2011/03/23 12:0 a.m.54 views

PHP-Nuke 8.x &lt;= Cross Site Scripting Vulnerability

PHP-Nuke 8.x = Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scrtipting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/23 12:0 a.m.37 views

PHP-Nuke 8.x Cross Site Request Forgery

PHP-Nuke 8.x = Cross Site Request Forgery CSRF / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery CSRF because its Anti-CSRF mechanism Referer Check is found to be broken. 2. BACKGROUND PHP-Nuke is a Web Portal...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2011/03/23 12:0 a.m.41 views

PHP-Nuke 8.x &lt;= Cross Site Request Forgery &#40;CSRF&#41; / Anti-CSRF Bypass Vulnerability

PHP-Nuke 8.x = Cross Site Request Forgery CSRF / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery CSRF because its Anti-CSRF mechanism Referer Check is found to be broken. 2. BACKGROUND PHP-Nuke is a Web Portal...

0.3AI score
Exploits0
0day.today
0day.today
added 2011/01/11 12:0 a.m.30 views

Maximus CMS (fckeditor) Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications | | /||\ / \ /===============================================================================\ |Exploit Title: maximus-cms fckeditor Arbitrary File Upload Vulnerability | |develop: http://www.php-maximus.org | |Version: Maximus 2008 CMS: Web...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/01/10 12:0 a.m.22 views

Maximus CMS 1.1.2 - FCKeditor Arbitrary File Upload

Maximus CMS 1.1.2 - FCKeditor Arbitrary File Upload | | /||\ / \ /===============================================================================\ |Exploit Title: maximus-cms fckeditor Arbitrary File Upload Vulnerability | |develop: http://www.php-maximus.org | |Version: Maximus 2008 CMS: Web...

Exploits0
Packet Storm
Packet Storm
added 2011/01/10 12:0 a.m.19 views

Maximus 2008 CMS Shell Upload

maximus-cms fckeditor Arbitrary File Upload Vulnerability /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \\ \ \ \ \ \ \ \ \ \\ \ \ \ // // //...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/10 12:0 a.m.22 views

Maximus CMS 1.1.2 - &#039;FCKeditor&#039; Arbitrary File Upload

| | /||\ / \ /===============================================================================\ |Exploit Title: maximus-cms fckeditor Arbitrary File Upload Vulnerability | |develop: http://www.php-maximus.org | |Version: Maximus 2008 CMS: Web Portal System v.1.1.2 | |Tested On: Live site | |Dork:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/10/25 12:0 a.m.18 views

PHP-Nuke管理权限泄露

PHP-Nuke Web Portal System存在一个权限确认错误,通过提交一个特殊的URL请求, 远程用户有可能获取管理员权限。 1.0/2.5 升级到PHP-Nuke 3.0: Francisco Burzi PHP-Nuke 2.5: Francisco Burzi upgrade Nuke-3.0.tar.gz http://www.ncc.org.ve/php-nuke.php3?op=download&location=http://download.sourceforge.net/phpnuke&file=PHP-Nuke-3.0.tar.gz Francisco...

7.1AI score
Exploits0
Prion
Prion
added 2006/01/09 11:3 a.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 commentposter, 2 commentposteremail, 3 commentposterhomepage, and 4 commenttext...

4.3CVSS6AI score0.01764EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/01/09 11:0 a.m.19 views

CVE-2006-0136

Multiple cross-site scripting XSS vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the 1 commentposter, 2 commentposteremail, 3 commentposterhomepage, and 4 commenttext...

5.8AI score0.01764EPSS
Exploits1References5
CVE
CVE
added 2006/01/09 11:0 a.m.120 views

CVE-2006-0137

CVE-2006-0137 describes an SQL injection in Chimera Web Portal System 0.2, specifically in linkcategory.php where the id parameter can be used by a remote attacker to execute arbitrary SQL commands. The linked CPAI advisories confirm the vulnerability as SQL injection in the Chimera Web Portal Sy...

7.5CVSS8.3AI score0.01315EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2006/01/09 11:0 a.m.54 views

CVE-2006-0136

Phanatic Software’s Chimera Web Portal System 0.2 is affected by multiple cross-site scripting (XSS) vulnerabilities in the guestbook module (modules.php). The flaw allows remote attackers to inject arbitrary script or HTML via the comment_poster, comment_poster_email, comment_poster_homepage, or...

4.3CVSS5.8AI score0.01764EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2006/01/04 12:0 a.m.25 views

EV0007.txt

New eVuln Advisory: Chimera Web Portal System Multiple Vulnerabilities --------------------Summary---------------- Vendor: Phanatic Softwares http://www.psoftwares.f2s.com/ Software: Chimera Web Portal System http://sourceforge.net/projects/chimera/ Versions: 0.2 Critical Level: Moderate Type:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/01/03 12:0 a.m.35 views

[eVuln] Chimera Web Portal System Multiple Vulnerabilities

New eVuln Advisory: Chimera Web Portal System Multiple Vulnerabilities --------------------Summary---------------- Vendor: Phanatic Softwares http://www.psoftwares.f2s.com/ Software: Chimera Web Portal System http://sourceforge.net/projects/chimera/ Versions: 0.2 Critical Level: Moderate Type:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/11/28 12:0 a.m.28 views

Geeklog 1.4.x Full Path Disclosure vuln.

Geeklog 1.4.x Full Path Disclosure vuln. Vuln. dicovered by : r0t Date: 28 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/geeklog-14x-full-path-disclosure-vuln.html Vendor:http://www.geeklog.net/ affected version:1.4.0 Beta 1 and prior Product Description: Geeklog is a Web Portal...

7.2AI score
Exploits0
Rows per page
Query Builder