19 matches found
EUVD-2004-2188
Malware in sbrugna...
EUVD-2008-4142
Malware in sbrugna...
Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. +Zanfi CMS lite / Jaw Portal free index.php page Multiple Local File Inclusion +Discovered by SirGod +MorTal TeaM +Greetz E.M.I.N.EM,Ras,Puscasmarin,ToxicBlood,HrN,Kemrayz,007m + Dork : Powered by: Zanfi Solutions + Local File Inclusion PoC :...
CVE-2008-4158
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 flag and 2 inc parameters...
Directory traversal
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 flag and 2 inc parameters...
Sql injection
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page pageid parameter...
CVE-2008-4159
CVE-2008-4159 concerns an SQL injection in index.php used by Jaw Portal and Zanfi CMS lite. The vulnerability permits remote attackers to execute arbitrary SQL commands through the pageid parameter, as described in the CVE entry. Affected software/components are specifically Jaw Portal's index.ph...
Zanfi CMS lite / Jaw Portal free (fckeditor) Arbitrary File Upload Vuln
No description provided by source. S.W.A.T. Title: Zanfi CMS lite / Jaw Portal free fckeditor Remote Arbitrary File Upload Vendor: http://www.zanfi.nl/down.php?file=ZanfiCmsLite.rar Discover by : S.W.A.T. [email protected] Impact: Medium Fix: Disable The Uploader In Config File ; Demo:...
zanficms-upload.txt
S.W.A.T. Title: Zanfi CMS lite / Jaw Portal free fckeditor Remote Arbitrary File Upload Vendor: http://www.zanfi.nl/down.php?file=ZanfiCmsLite.rar Discover by : S.W.A.T. [email protected] Impact: Medium Fix: Disable The Uploader In Config File ; Demo:...
Zanfi CMS lite / Jaw Portal free (page) SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================================== Zanfi CMS lite / Jaw Portal free page SQL Injection Vulnerability =================================================================== APPLICATION : Zanfi CMS lite / Jaw...
Zanfi CMS lite 2.1 Jaw Portal free - FCKeditor Arbitrary File Upload
Zanfi CMS lite 2.1 Jaw Portal free - FCKeditor Arbitrary File Upload !/usr/bin/perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; print ; print "Enter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST...
Zanfi CMS lite 1.2 - Multiple Local File Inclusions
Zanfi CMS lite 1.2 - Multiple Local File Inclusions +Zanfi CMS lite / Jaw Portal free index.php page Multiple Local File Inclusion +Discovered by SirGod +MorTal TeaM +Greetz E.M.I.N.EM,Ras,Puscasmarin,ToxicBlood,HrN,Kemrayz,007m + Dork : Powered by: Zanfi Solutions + Local File Inclusion PoC :...
Zanfi CMS lite Jaw Portal free - page SQL Injection
Zanfi CMS lite Jaw Portal free - page SQL Injection ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + Zanfi CMS lite / Jaw Portal free SQL Injection Vulnerability + + + + Discovered by Cru3l.b0y + + + + WwW.DeltaHacking.Net + + + + + + +...
CVE-2004-2196
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to 1 admpages.php, 2 corrpages.php, 3 delblock.php, 4 delpage.php, 5 footer.php, 6 home.php, and others...
CVE-2004-2195
Zanfi CMS Lite 1.1 is affected by a PHP remote file inclusion in index.php via the inc parameter, leading to arbitrary PHP code execution. The issue is a file inclusion vulnerability in Zanfi CMS Lite’s index.php that allows an attacker to have the remote script include and run attacker-controlle...
CVE-2004-2196
Affected product: Zanfi CMS lite 1.1. The vulnerability is a path disclosure issue where remote attackers can obtain the full path of the web server by directly requesting pages (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. R...
CVE-2004-2195
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter...
CVE-2004-2196
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to 1 admpages.php, 2 corrpages.php, 3 delblock.php, 4 delpage.php, 5 footer.php, 6 home.php, and others...
Zanfi CMS Lite index.php inc Parameter Remote File Inclusion
The remote host is running Zanfi CMS Lite, a content management system written in PHP. There is a bug in the remote version of this software that may allow an attacker to execute arbitrary commands on the remote host by using a file inclusion bug in the file 'index.php'. An attacker may execute...