49 matches found
EUVD-2008-4141
Malware in sbrugna...
EUVD-2008-4058
Malware in sbrugna...
EUVD-2004-2187
Malware in sbrugna...
EUVD-2008-4142
Malware in sbrugna...
EUVD-2008-4059
Malware in sbrugna...
EUVD-2004-2188
Malware in sbrugna...
Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. +Zanfi CMS lite / Jaw Portal free index.php page Multiple Local File Inclusion +Discovered by SirGod +MorTal TeaM +Greetz E.M.I.N.EM,Ras,Puscasmarin,ToxicBlood,HrN,Kemrayz,007m + Dork : Powered by: Zanfi Solutions + Local File Inclusion PoC :...
ZanfiCmsLite多个安全漏洞
ZanfiCmsLite存在多个漏洞,远程攻击者可以利用这些漏洞获得路径信息或执行任意命令。 第一个漏洞是路径泄露漏洞,提交类似如下请求: http://localhost/cms/admpages.php 可返回包含路径信息的错误消息: Warning: mysqlquery: supplied argument is not a valid MySQL-Link resource in \ c:\appserv\www\cms\admpages.php on line 2 No blocks in the table...
CVE-2008-4158
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 flag and 2 inc parameters...
Sql injection
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page pageid parameter...
Directory traversal
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 flag and 2 inc parameters...
CVE-2008-4159
CVE-2008-4159 concerns an SQL injection in index.php used by Jaw Portal and Zanfi CMS lite. The vulnerability permits remote attackers to execute arbitrary SQL commands through the pageid parameter, as described in the CVE entry. Affected software/components are specifically Jaw Portal's index.ph...
CVE-2008-4158
CVE-2008-4158 affects Zanfi CMS lite 1.2. Multiple directory traversal vulnerabilities in index.php allow remote attackers to include and execute arbitrary local files via a .. in the flag and inc parameters. The NVD record lists this as a MEDIUM severity (CVSS v2: AV:N/AC:M/Au:N/C:P/I:P/A:P; bas...
CVE-2008-4158
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 flag and 2 inc parameters...
CVE-2008-4159
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page pageid parameter...
CVE-2008-4073
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action...
CVE-2008-4074
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...
Sql injection
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a DBpAGE action...
Sql injection
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...
CVE-2008-4074
SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action...