24 matches found
EUVD-2008-3192
Malware in sbrugna...
EUVD-2008-2478
Malware in sbrugna...
EUVD-2008-2479
Malware in sbrugna...
Xomol CMS 1.2 'index.php' HTML Injection and Cross-Site Scripting Vulnerabilities
No description provided by source...
Xomol CMS <= 1.2 Login Bypass / LFI Vulnerabilities
No description provided by source. '/ -.- -------------oOO------OOo------------ | Xomol CMS v1 Login Bypass & LFI | | coded by DNX | ---------------------------------------- ! Discovered.: DNX ! Vendor.....: http://www.xomol.net ! Detected...: 12.05.2008 ! Reported...: 13.05.2008 didn't work: hos...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the currenturl parameter in a tellafriend action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati...
CVE-2008-3202
Cross-site scripting XSS vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the currenturl parameter in a tellafriend action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati...
CVE-2008-3202
CVE-2008-3202 describes a cross-site scripting (XSS) vulnerability in Xomol CMS 1.2, exploitable via the current_url parameter of the tellafriend action in index.php. The issue allows remote attackers to inject arbitrary script or HTML. Documents do not provide explicit remediation steps; no expl...
Xomol CMS 1.2 - index.php HTML Injection Cross-Site Scripting
Xomol CMS 1.2 - index.php HTML Injection Cross-Site Scripting source: https://www.securityfocus.com/bid/30156/info Xomol CMS is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage the...
Xomol CMS 1.2 - '/index.php' HTML Injection / Cross-Site Scripting
source: https://www.securityfocus.com/bid/30156/info Xomol CMS is prone to an HTML-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of a...
CVE-2008-2483
Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the op parameter...
CVE-2008-2484
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter...
Directory traversal
Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the op parameter...
Sql injection
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2008-2483
Directory traversal vulnerability in index.php in Xomol CMS 1.20071213 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the op parameter...
CVE-2008-2484
SQL injection vulnerability in index.php in Xomol CMS 1.20071213, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2008-2483
CVE-2008-2483 describes a directory traversal vulnerability in Xomol CMS 1.20071213 (index.php) that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the op parameter. The NVD entry lists a CVSSv2 base score of 6.8 (MEDIUM) with network exploitability, re...
CVE-2008-2484
CVE-2008-2484 : A SQL injection in index.php of Xomol CMS 1.20071213 (magic_quotes_gpc disabled) allows remote attackers to execute arbitrary SQL via the email parameter. The NVD description confirms the vulnerable component and input vector; exploitation status is not provided in the connected d...
Xomol CMS v1 Login Bypass / LFI Vulnerabilities
No description provided by source. '/ -.- -------------oOO------OOo------------ | Xomol CMS v1 Login Bypass & LFI | | coded by DNX | ---------------------------------------- ! Discovered.: DNX ! Vendor.....: http://www.xomol.net ! Detected...: 12.05.2008 ! Reported...: 13.05.2008 didn't work: hos...
xomol-bypasslfi.txt
'/ -.- -------------oOO------OOo------------ | Xomol CMS v1 Login Bypass & LFI | | coded by DNX | ---------------------------------------- ! Discovered.: DNX ! Vendor.....: http://www.xomol.net ! Detected...: 12.05.2008 ! Reported...: 13.05.2008 didn't work: host mail.xomol.net said: 554 5.7.1 -...