what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 17 of 17

Files

dotCMS 5.1.1 Vulnerable Dependencies

Posted May 9, 2019

Authored by John Martinelli from ISRD.com

dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.

tags | advisory, vulnerability, xss

advisories | CVE-2008-7220, CVE-2015-9251, CVE-2018-14040, CVE-2018-14041, CVE-2019-11358

MD5 | 9e53ca2a35a92379f55b21ad389e087c

Download | Favorite | View

Related Files

DotCMS 20.11 Cross Site Scripting

Posted Dec 2, 2020

Authored by Hardik Solanki

DotCMS version 20.11 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

MD5 | 2726d6fd5df36dab9bf5d75f20ad865c

Download | Favorite | View

dotCMS 5.1.1 Open Redirection / Cross Site Scripting

Posted Jun 3, 2019

Authored by John Martinelli from ISRD.com

dotCMS version 5.1.1 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss

MD5 | e42d41a2fec23cc6c6364bf090c302da

Download | Favorite | View

dotCMS 5.1.1 HTML Injection

Posted May 9, 2019

Authored by Ismail Tasdelen

dotCMS version 5.1.1 suffers from an html injection vulnerability.

tags | exploit

advisories | CVE-2019-11846

MD5 | e7dad950e8bfcad15135b069f07607ca

Download | Favorite | View

dotCMS SQL Injection

Posted Feb 13, 2018

Authored by Elar Lang

dotCMS versions prior to 4.1.1 suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection

advisories | CVE-2016-10007, CVE-2016-10008

MD5 | 051378d5d7710f66ec2e4258a92e4061

Download | Favorite | View

DotCMS 4.1.1 Shell Upload

Posted Jul 17, 2017

Authored by Xiaotian Wang

DotCMS version 4.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell

MD5 | 6662f3bad9f3f62ed6c7151df589bba6

Download | Favorite | View

dotCMS 3.6.1 Blind Boolean SQL Injection

Posted Feb 15, 2017

Authored by Ben Nott

dotCMS versions 3.6.1 and below suffer from a remote blind boolean SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2017-5344

MD5 | 321653aee224bce72af509d2db425d7b

Download | Favorite | View

dotCMS 3.x SQL Injection

Posted Nov 1, 2016

Authored by Elar Lang

dotCMS versions before 3.5, 3.3.1, and 3.3.2 suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection

advisories | CVE-2016-4040, CVE-2016-8902, CVE-2016-8903, CVE-2016-8904, CVE-2016-8905, CVE-2016-8906, CVE-2016-8907, CVE-2016-8908

MD5 | d7fb58e7e7192766245d6f06b4f422a1

Download | Favorite | View

dotCMS CAPTCHA Bypass

Posted Oct 20, 2016

Authored by Elar Lang

The CAPTCHA in dotCMS versions prior to 3.6.0 allows for reuse of a valid code.

tags | advisory

advisories | CVE-2016-8600

MD5 | 18d51b73728348fc71f0ae199f2f7cbb

Download | Favorite | View

dotCMS Email Header Injection

Posted May 25, 2016

Authored by Elar Lang

dotCMS versions prior to 3.5 and 3.3.2 suffers from an email header injection vulnerability.

tags | exploit

advisories | CVE-2016-4803

MD5 | 01e1c665f4835c234b4e4b03a6dad311

Download | Favorite | View

DotCMS 3.5 Beta Cross Site Scripting

Posted Apr 9, 2016

Authored by Piaox Xiong

DotCMS version 3.5 Beta suffers from a cross site scripting vulnerability.

tags | exploit, xss

MD5 | 50386f30837ec7b4648f8f918fd0242e

Download | Favorite | View

DotCMS 3.5 Beta Directory Traversal

Posted Apr 9, 2016

Authored by Piaox Xiong

DotCMS version 3.5 Beta suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | 76d97ec3f16133075cd60a3bb87edfc0

Download | Favorite | View

DotCMS 3.3 SQL Injection

Posted Apr 5, 2016

Authored by Piaox Xiong

DotCMS version 3.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2016-3688

MD5 | eaaa2739b996a9e27f8c6db9fa1437c0

Download | Favorite | View

dotCMS 3.2.4 CSRF / XSS / Open Redirect

Posted Dec 8, 2015

Authored by LiquidWorm | Site zeroscience.mk

dotCMS version 3.2.4 suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.

tags | exploit, vulnerability, xss, csrf

MD5 | cc07e16add389395e30e5f8a14e9d438

Download | Favorite | View

Secunia Security Advisory 49276

Posted May 25, 2012

Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in dotCMS, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory

MD5 | ff29c82b9de64d53f8b7fb4fe3013810

Download | Favorite | View

Secunia Security Advisory 31516

Posted Aug 18, 2008

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Don has discovered two vulnerabilities in dotCMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability

MD5 | 53fd364a6e09b7a28522e25706a333fd

Download | Favorite | View

dotcms-lfi.txt

Posted Aug 16, 2008

Authored by Don | Site balcan-crew.org

dotCMS version 1.6 suffers from local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion

MD5 | 3538f937032b299d320be6e2e08d9f7f

Download | Favorite | View

Secunia Security Advisory 30307

Posted May 20, 2008

Authored by Secunia | Site secunia.com

Secunia Security Advisory - Russ McRee has reported a vulnerability in dotCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss

MD5 | 0716c4669f715e496d4fefd02ac49c31

Download | Favorite | View