exploit the possibilities
Showing 26 - 50 of 100 RSS Feed

Files

Drupal CMS 7.12 Cross Site Request Forgery
Posted Mar 2, 2012
Authored by Ivano Binetti

Drupal CMS version 7.12 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 624cc16af3f882c63334256d25a4f257

Related Files

VamCart CMS 0.9 Cross Site Scripting
Posted Jul 15, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

VamCart CMS version 0.9 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5027ecf2cdc557885a9caa2855806dae
Reserve Logic Booking CMS 1.2 XSS / Shell Upload / SQL Injection
Posted Jul 12, 2012
Authored by Benjamin Kunz Mejri, Ibrahim El-Sayed | Site vulnerability-lab.com

Reserve Logic Booking CMS version 1.2 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
MD5 | b7bf7be034fe87a4b36cccd381fa6afb
WebsitePanel CMS Open Redirect
Posted Jul 8, 2012
Authored by Anastasios Monachos

WebsitePanel CMS versions prior to 1.2.2.1 suffer from an open redirection vulnerability.

tags | exploit
MD5 | 0d2d1d9da9a60de24ae029a01130d07d
Umbraco CMS Remote Command Execution
Posted Jul 6, 2012
Authored by juan vazquez, Toby Clarke | Site metasploit.com

This Metasploit module can be used to execute a payload on Umbraco CMS 4.7.0.378. The payload is uploaded as an ASPX script by sending a specially crafted SOAP request to codeEditorSave.asmx, which permits unauthorised file upload via the SaveDLRScript operation. SaveDLRScript is also subject to a path traversal vulnerability, allowing code to be placed into the web-accessible /umbraco/ directory. The module writes, executes and then overwrites an ASPX script; note that though the script content is removed, the file remains on the target. Automatic cleanup of the file is intended if a meterpreter payload is used. This Metasploit module has been tested successfully on Umbraco CMS 4.7.0.378 on a Windows 7 32-bit SP1. In this scenario, the "IIS APPPOOL\ASP.NET v4.0" user must have write permissions on the Windows Temp folder.

tags | exploit, web, asp, file upload
systems | windows, 7
MD5 | 55b249c7b416e0039642bb1ad643fe1b
CLscript CMS 3.0 SQL Injection / Cross Site Scripting
Posted Jul 5, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

CLscript CMS version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2e55229f389776d22af3df78869442ac
Event Script PHP CMS 1.1 SQL Injection
Posted Jul 5, 2012
Authored by snup | Site vulnerability-lab.com

Event Script PHP CMS version 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | 91b49b738a5862a863d3ae76ebc7b52f
Secunia Security Advisory 49771
Posted Jul 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Minishop plugin for gpEasy CMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 2c6d2e1c1815231cb9edbf595d2e4cbb
Secunia Security Advisory 49767
Posted Jul 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in MBB CMS, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection, csrf
MD5 | 80e66f3455c78116702250468f9343e7
Tiki Wiki CMS Groupware 8.3 Code Execution
Posted Jul 4, 2012
Authored by EgiX

Tiki Wiki CMS Groupware versions 8.3 and below suffer from an unserialize() PHP code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2012-0911
MD5 | 1c5b9de0c1f8c1ae3bf112f9194fb15f
gp Easy CMS Minishop 1.5 Cross Site Scripting
Posted Jul 3, 2012
Authored by Carlos Mario Penahos Hollmann

gp Easy CMS with Minishop plugin version 1.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 70e7d1f1a4bdd572c3bda7f6e46006a8
CMS MBB 0.0.3 CSRF / XSS / SQL Injection
Posted Jul 2, 2012
Authored by the_cyber_nuxbie

CMS MBB version 0.0.3 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 9fb4ff8affb1497042b8070bb5d8c653
Hong Kong Firms CMS SQL Injection
Posted Jul 2, 2012
Authored by Am!r | Site irist.ir

Hong Kong Firms CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 8bc592a2b3c172356ce130ceddab65d3
Secunia Security Advisory 49785
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in Magix CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | b9cb59f096aeba1d70f4f7d89aade779
Secunia Security Advisory 49786
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Items Manager plugin for GetSimple CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 54d553a568394d518be2e84a2bac37ce
Secunia Security Advisory 49797
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in Magix CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 1b20317adaf5b5db5c4ad664fab04c6f
JAKCMS 2.2.6 Shell Upload
Posted Jun 29, 2012
Authored by Sammy FORGIT

JAKCMS version 2.2.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 537ddf2f2d9b6fbbd7da2d4839e2ac41
Lidosys CMS SQL Injection / Information Disclosure
Posted Jun 29, 2012
Authored by MustLive

Lidosys CMS suffers from remote SQL injection and information disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 05c22a185a7e67421c71c965269530df
Secunia Security Advisory 49677
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in LIOOSYS CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 130c2fb678dd51defe4949802456411b
Secunia Security Advisory 49691
Posted Jun 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Monstra CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 2eb0fa0e7dbf67b8c857443f921345ac
Monstra CMS 1.1.6 Cross Site Request Forgery
Posted Jun 27, 2012
Authored by the_cyber_nuxbie

Monstra CMS version 1.1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | db0ee0bc78b0b187eaa30bdb087514b3
CMS Schoolhos 2.29 Cross Site Request Forgery / Cross Site Scripting / Shell Upload
Posted Jun 27, 2012
Authored by the_cyber_nuxbie

CMS Schoolhos version 2.29 suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, csrf
MD5 | 99c5b5b32c79e56e37ffbea7be3a853f
Autopagina CMS 2.8 SQL Injection
Posted Jun 25, 2012
Authored by Sammy FORGIT

Autopagina CMS version 2.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a8b341071924160ea47bd8aa7ed81d2d
Wolf CMS / Frog CMS BD uploadR Shell Upload
Posted Jun 23, 2012
Authored by Sammy FORGIT

Wolf CMS / Frog CMS BD uploadR third party module suffers from an unauthenticated remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | d968ee9ee08fed9f682fc57d590c00a6
Secunia Security Advisory 49595
Posted Jun 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Lokomedia CMS, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks.

tags | advisory, vulnerability, xss, csrf
MD5 | a2bc3341e97b924f197117b243610909
CMS DMS-Easy 0.9.8 CSRF / File Disclosure / Shell Upload
Posted Jun 23, 2012
Authored by the_cyber_nuxbie

CMS DMS-Easy version 0.9.8 suffers from cross site request forgery, file disclosure, add administrator, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 4e8b1197a182a46c5785f221b221dddc
Page 2 of 4
Back1234Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close