Exponent CMS version 2.3.1 suffers from multiple cross site scripting vulnerabilities.
d7c212b63775bde5c49ae7979f6feda188aeede831184a2ef05a72bfb78c0ad3
QuickBlog CMS version 0.8 suffers from remote SQL injection and cross site scripting vulnerabilities.
aeefb55ee1e56cabcf07b2bdf78fed32aaa8cd72fc95e6392e633ba4a8dc2ab9
Boonex Dolphin CMS version 7.0.9 suffers from multiple cross site scripting vulnerabilities.
56778486f15bee8dda31ec3acd689cb38f68d2dbebea89e505c00bddeeb387f8
Zimplit CMS version 3.0 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.
d687242f45ad944f038ec802f8b8dca7bd6897fa90332f14a9e5e39818973784
CMS Wizard suffers from a remote SQL injection vulnerability.
52ed2fed6ce6b85786204c6fe3cef0f6ccfc46db20c8d2c40ab56d6bab8fba04
Secunia Security Advisory - Two vulnerabilities have been discovered in SyndeoCMS, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
348c02dbcea9182ce6ca9a5be001222e6eef9ecbfa82e29d03f5d09880404a86
StyleDesign CMS suffers from a remote SQL injection vulnerability.
9245f4296cae4d66fd3a2cd48c7e10efe9f94637f6b20f0b08aa56f45981be4e
PyroCMS version 2.1.1 suffers from CRLF injection and stored cross site scripting vulnerabilities.
5053cd5681c7e2370439dde2d747575873c3c5195878aafc31db53687d0ef75e
Della CMS suffers from a remote SQL injection vulnerability.
c37c58d1b6ea4049a82103f8f17cbb15a2b8207cd0af6227c25d7be8e567e625
CMS Faethon version 1.3.4 suffers from a remote SQL injection vulnerability. This is against a very old version of this software.
459859a75f9b4c84edc8f4f38a5293b2f0696b2ca5646089b7ca33c4948f94d7
This Metasploit module exploits the "Ajax File and Image Manager" component that can be found in log1 CMS. In function.base.php of this component, the 'data' parameter in writeInfo() allows any malicious user to have direct control of writing data to file data.php, which results in arbitrary remote code execution.
5f8de96e6ea32234373a0a7a5100ed196a91a7eb2302465bc03aeaa9b7bfff70
TinyCMS version 1.3 suffers from cross site request forgery, file upload, and local file inclusion vulnerabilities.
33264e933a369719404982af97acd9acf0325409d6a5a63d9aba45c2297777a0
AdaptCMS version 2.0.2 (TinyURL) suffers from multiple remote SQL injection vulnerabilities.
ecc9c9dc887b3df0475b0f5e46b2f86ca3d6efa6d62a9d722afa1e8502476d61
NetClimber Web Design CMS suffers from a remote SQL injection vulnerability.
23a2f41aab6646e29a77f7c835de26a1c3ef3e4685913a45c76ef88aef0276a2
Prominent Technologies CMS suffers from a remote SQL injection vulnerability.
219ea236e99b1a274098f6b9d807535638575f4db7ba125471561a7144829bba
Baytech Web Design CMS suffers from a remote SQL injection vulnerability.
20446b806677015b1c51cce3af521e1ecb5882395871da2e95bdf2549ea1e7bf
Rite Solutions CMS suffers from a remote SQL injection vulnerability.
f965c338feb942d0a0a082106ca8a0d28ebd9af5d8f6e640af8798ec096a266e
Ignite Solutions CMS suffers from a remote SQL injection vulnerability.
7e7570ad805b5e941d8e5be10be7bb770ed286d33afd5a09491763baa0c93ff0
Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
8a0563560c5278232bee426b67531c717a2f791ad068e36e4a01e78a1f3d99fa
Small CMS suffers from a remote PHP code injection vulnerability.
0e3a9859ea3125d9c006d7cd5165bb3dd6f354ff5d19ecf1a7e15e8aadc18427
This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.
d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
a7d8c229d604afce14ad7a8fb8d44e7b7cc72c937a69259550169bc098531f63
Ubuntu Security Notice 1451-1 - Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
c2d728621ad0692803f2775f1741405360b7d473c41ea474fa8427075d3d957a
Secunia Security Advisory - A vulnerability has been reported in dotCMS, which can be exploited by malicious users to compromise a vulnerable system.
25eae5750d2834fb8e3079d5d6af05076a0ec2412dd6392f27ce72e2dd790185
Secunia Security Advisory - A vulnerability has been discovered in Jaow CMS, which can be exploited by malicious people to conduct SQL injection attacks.
ebc058729c8fa49563976442ce8cba0f79250e4a09fb4064f1413bae4da06da5
Secunia Security Advisory - Multiple vulnerabilities have been discovered in RuubikCMS, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.
23cd8d75dd45a4e888bdbbfe3892a5815e3d191ce26767361fafaad1fa340966