exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

ES CMS 0.1 SQL Injection
Posted Nov 25, 2012
Authored by Mr.XpR

ES CMS version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | daa80edba48418d7f028eef0daced982f7b36eff55719be1f08023c6b001181e

Related Files

VamCart CMS 0.9 Cross Site Scripting
Posted Jul 15, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VamCart CMS version 0.9 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 20b70ae83034a770d8f15b30a15883ea7321b714bb164532950b8650047e65d1
Reserve Logic Booking CMS 1.2 XSS / Shell Upload / SQL Injection
Posted Jul 12, 2012
Authored by Benjamin Kunz Mejri, Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Reserve Logic Booking CMS version 1.2 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | 1bcd167be1966e35fa668a2afcf28bee8301174dc1d4b0d98f66c88ee4769fb0
WebsitePanel CMS Open Redirect
Posted Jul 8, 2012
Authored by Anastasios Monachos

WebsitePanel CMS versions prior to 1.2.2.1 suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | f3d18a3cdffa39c307617de82222186276ef53444e6663c5f876e672f7f6a760
Umbraco CMS Remote Command Execution
Posted Jul 6, 2012
Authored by juan vazquez, Toby Clarke | Site metasploit.com

This Metasploit module can be used to execute a payload on Umbraco CMS 4.7.0.378. The payload is uploaded as an ASPX script by sending a specially crafted SOAP request to codeEditorSave.asmx, which permits unauthorised file upload via the SaveDLRScript operation. SaveDLRScript is also subject to a path traversal vulnerability, allowing code to be placed into the web-accessible /umbraco/ directory. The module writes, executes and then overwrites an ASPX script; note that though the script content is removed, the file remains on the target. Automatic cleanup of the file is intended if a meterpreter payload is used. This Metasploit module has been tested successfully on Umbraco CMS 4.7.0.378 on a Windows 7 32-bit SP1. In this scenario, the "IIS APPPOOL\ASP.NET v4.0" user must have write permissions on the Windows Temp folder.

tags | exploit, web, asp, file upload
systems | windows
SHA-256 | a969edd9061df64ff92c55db7b277da617626bfa9448eab4978dfbd56a0d42bb
CLscript CMS 3.0 SQL Injection / Cross Site Scripting
Posted Jul 5, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

CLscript CMS version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 8635091a03cadff818ef882b8c084b7b4a9bae7ba416e78dcb8b0dba8b1a1761
Event Script PHP CMS 1.1 SQL Injection
Posted Jul 5, 2012
Authored by Hubert Wojciechowski, Vulnerability Laboratory | Site vulnerability-lab.com

Event Script PHP CMS version 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | b4ea2c8291eef176dcb4692e33a55c32bca11c42097bbc2d66d036a17833ef60
Secunia Security Advisory 49771
Posted Jul 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Minishop plugin for gpEasy CMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 313b179aea0633f46397ceea096800641b76bb58f71189ba768a98ae22632eb1
Secunia Security Advisory 49767
Posted Jul 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in MBB CMS, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection, csrf
SHA-256 | 3f2e29e8282e0bb0cdfba3ff6681661cd3c828914b36cb6936bdee445d5231e4
Tiki Wiki CMS Groupware 8.3 Code Execution
Posted Jul 4, 2012
Authored by EgiX

Tiki Wiki CMS Groupware versions 8.3 and below suffer from an unserialize() PHP code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2012-0911
SHA-256 | 1131c8a6485c082585a271f33d7953e4f5c4c0779bc61c2352ed14fa8c3a700a
gp Easy CMS Minishop 1.5 Cross Site Scripting
Posted Jul 3, 2012
Authored by Carlos Mario Penahos Hollmann

gp Easy CMS with Minishop plugin version 1.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6d4b62f9487a164867af96f8d469b70aabc6091f5ecec316b4a62639a6cb766b
CMS MBB 0.0.3 CSRF / XSS / SQL Injection
Posted Jul 2, 2012
Authored by the_cyber_nuxbie

CMS MBB version 0.0.3 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | f8115ab5262866df0a5eae163876f8c327672e68afc452e1ad5591d558ae9c5f
Hong Kong Firms CMS SQL Injection
Posted Jul 2, 2012
Authored by Am!r | Site irist.ir

Hong Kong Firms CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 6810a857bdaa9282f31993bb7bbad89edeb6aa57a3b19f0962d31538d7fb6c0f
Secunia Security Advisory 49785
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in Magix CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | f7c54d574bc10c94bd493fbf54976f8365de0b8ad4ba1d833d1faaafe1160765
Secunia Security Advisory 49786
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Items Manager plugin for GetSimple CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | bac3348b2a4f3591e49f5a2cf12251641e00d52ca7be21a7931e5738f34470c1
Secunia Security Advisory 49797
Posted Jul 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in Magix CMS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 301312788841890dc2d172a124ba4bf5b84eb9e792dbd55e66684929b368583f
JAKCMS 2.2.6 Shell Upload
Posted Jun 29, 2012
Authored by Sammy FORGIT

JAKCMS version 2.2.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 8979837fbdfb46b12bd7cad18d277dc1d78e57253e57f5b607581b9edb59d77e
Lidosys CMS SQL Injection / Information Disclosure
Posted Jun 29, 2012
Authored by MustLive

Lidosys CMS suffers from remote SQL injection and information disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
SHA-256 | aed75f9b422d398ddc8a3bc152ec5a54b7aa049ce7c63239350a7471edf79f3c
Secunia Security Advisory 49677
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in LIOOSYS CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 393c91e18023985823f995873fb19a756d7936f1767d9fb52a4501077ca71355
Secunia Security Advisory 49691
Posted Jun 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Monstra CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 265c7b5dcba3142e383147478c9ad171f9141885ab1eaea0928cf8a5cbbffcea
Monstra CMS 1.1.6 Cross Site Request Forgery
Posted Jun 27, 2012
Authored by the_cyber_nuxbie

Monstra CMS version 1.1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 731af584c0e15ee24021912c4c439fb486a533ce3eb3f64e31912a90faa9b533
CMS Schoolhos 2.29 Cross Site Request Forgery / Cross Site Scripting / Shell Upload
Posted Jun 27, 2012
Authored by the_cyber_nuxbie

CMS Schoolhos version 2.29 suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, csrf
SHA-256 | 8c52b0a930e74fc8e99a43dc214d1d9ad81e8f6781510fc34a208b1871870548
Autopagina CMS 2.8 SQL Injection
Posted Jun 25, 2012
Authored by Sammy FORGIT

Autopagina CMS version 2.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a563a2bdda1882cafa89faf3ca21ba53255d47d50c45f1edde7b0866d86b906f
Wolf CMS / Frog CMS BD uploadR Shell Upload
Posted Jun 23, 2012
Authored by Sammy FORGIT

Wolf CMS / Frog CMS BD uploadR third party module suffers from an unauthenticated remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7862b280d447ca7cc95905170c85512b0e3708ccdf66616a1a377cdd51241072
Secunia Security Advisory 49595
Posted Jun 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Lokomedia CMS, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | bf0c6825aed03c3ad710fc3cbbb6924505fe0d28836a01016a17c64d63392145
CMS DMS-Easy 0.9.8 CSRF / File Disclosure / Shell Upload
Posted Jun 23, 2012
Authored by the_cyber_nuxbie

CMS DMS-Easy version 0.9.8 suffers from cross site request forgery, file disclosure, add administrator, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 7bcf5e1148964c841fe99106d5c5a057887f28fa0dd89c2797b40562b95b703a
Page 2 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close