Lucene search
K

55 matches found

OpenVAS
OpenVAS
added 2014/06/16 12:0 a.m.23 views

ZeroCMS Privilege Escalation & SQL Injection Vulnerabilities

ZeroCMS is prone to privilege escalation, cross-site scripting and sql injection vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

7.5CVSS6.2AI score0.0625EPSS
Exploits16References10
0day.today
0day.today
added 2014/06/14 12:0 a.m.19 views

ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

Exploit for php platform in category web applications import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: email protected Tested on: php 5.4....

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/06/13 12:0 a.m.14 views

ZeroCMS 1.0 - zero_transact_user.php Handling Privilege Escalation

ZeroCMS 1.0 - zerotransactuser.php Handling Privilege Escalation import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: [email protected]...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2014/06/13 12:0 a.m.23 views

ZeroCMS 1.0 - 'zero_transact_user.php' Handling Privilege Escalation

import sys,getopt,cookielib,urllib2,urllib ZeroCMS 1.0 zerotransactuser.php Impropper Form post hanling, parameter polution Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ author: [email protected] Tested on: php 5.4.27 OSVDB ID: 108025 description Summary: ZeroC...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/06/12 12:0 a.m.19 views

ZeroCMS 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications ZeroCMS 1.0 articleid SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ Affected version: 1.0 Summary: ZeroCMS is a very simple Content Management System built using PHP and MySQL. Desc:...

7.1AI score
Exploits0
NVD
NVD
added 2014/06/11 2:55 p.m.16 views

CVE-2014-4034

SQL injection vulnerability in zeroviewarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter...

7.5CVSS8.2AI score0.0625EPSS
Exploits2References13
Prion
Prion
added 2014/06/11 2:55 p.m.23 views

Sql injection

SQL injection vulnerability in zeroviewarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter...

7.5CVSS9AI score0.0625EPSS
Exploits2References13Affected Software1
CVE
CVE
added 2014/06/11 2:0 p.m.54 views

CVE-2014-4034

CVE-2014-4034 concerns ZeroCMS 1.0, where a SQL injection flaw exists in zero_view_article.php via the article_id parameter. The vulnerability allows remote attackers to manipulate SQL queries and potentially access or alter data in the backend. The issue is documented with a base CVSS v2 score o...

7.5CVSS8.5AI score0.0625EPSS
Exploits2References13Affected Software1
Cvelist
Cvelist
added 2014/06/11 2:0 p.m.19 views

CVE-2014-4034

SQL injection vulnerability in zeroviewarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter...

8.2AI score0.0625EPSS
Exploits2References13
exploitpack
exploitpack
added 2014/06/10 12:0 a.m.15 views

ZeroCMS 1.0 - zero_view_article.php SQL Injection

ZeroCMS 1.0 - zeroviewarticle.php SQL Injection ZeroCMS 1.0 articleid SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ Affected version: 1.0 Summary: ZeroCMS is a very simple Content Management System built using PHP and MySQL. Desc: Input...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/06/10 12:0 a.m.21 views

ZeroCMS 1.0 - 'zero_view_article.php' SQL Injection

ZeroCMS 1.0 articleid SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ Affected version: 1.0 Summary: ZeroCMS is a very simple Content Management System built using PHP and MySQL. Desc: Input passed via the 'articleid' GET parameter to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/06/09 12:0 a.m.22 views

ZeroCMS 1.0 SQL Injection

ZeroCMS 1.0 articleid SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms/ Affected version: 1.0 Summary: ZeroCMS is a very simple Content Management System built using PHP and MySQL. Desc: Input passed via the 'articleid' GET parameter to...

0.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2014/06/09 12:0 a.m.129 views

ZeroCMS 1.0 (article_id) SQL Injection Vulnerability

Summary ZeroCMS is a very simple Content Management System built using PHP and MySQL. Description Input passed via the 'articleid' GET parameter to zeroviewarticle.php script is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting...

7.5CVSS6AI score0.0625EPSS
Exploits2
exploitpack
exploitpack
added 2008/01/08 12:0 a.m.12 views

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection | | | / | |\ \ / | / |/ | | | | |/ \ | | | |||| | | /| / / | | Zero CMS Remote Arbitrary File Upload / SQL Injections | | Version: = 1.0 Alpha Last | | Vendor: www.zero-cms.com | | Discovered by: KiNgOfThEwOrLd | | Intro: | | | | An...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/08 12:0 a.m.36 views

ZeroCMS 1.0 Alpha - Arbitrary File Upload / SQL Injection

| | | / | |\ \ / | / |/ | | | | |/ \ | | | |||| | | /| / / | | Zero CMS Remote Arbitrary File Upload / SQL Injections | | Version: = 1.0 Alpha Last | | Vendor: www.zero-cms.com | | Discovered by: KiNgOfThEwOrLd | | Intro: | | | | An attacker can bypass the avatar upload extension filter editing...

7.4AI score
Exploits0
Rows per page
Query Builder