SPIP CMS versions 2.x and 3.x suffer from unauthenticated add administrator and arbitrary file upload vulnerabilities.
894150aaed7a06655bcf6e2a4dad0aecJSPMySQL Administrador version 1 suffers from cross site request forgery and cross site scripting vulnerabilities.
f3a918940a8d72a4ba43c9113a59b8d7phpLiteAdmin version 1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
7c17eb3fd40fbfbe2db9d13d7b08bcd5MySQL Lite Administrator version Beta 1 suffers from multiple cross site scripting vulnerabilities.
bca20010400041a19e05b03a1e749183SanyBee Gallery versions 0.2.9 and 0.2.10 suffer from cross site scripting and add administrator vulnerabilities.
63999f7d2ec4444eada0fe2c986d93bdphpBugTracker 1.7.5 suffers from cross site scripting, authorization bypass, and SQL injection vulnerabilities.
24393871d4790c7b948b41e13b79c2bdDesktop Central versions 7 and forward suffer from an add administrator vulnerability.
b60d61a41115d3cd7c6886ff1ad95235Traidnt Upload 3 add administrator exploit that leverages cookie manipulation.
361bdea33459ba5a4c0eaaa0d4a47868Weboptima CMS suffers from add administrator and remote shell upload vulnerabilities.
3643a702108fdb2bb08d1d7e1a8dfed3ZOHO ManageEngine ADSelfService Plus version 4.5 Build 4521 suffers from an authentication bypass vulnerability.
abcd383152e6364b34f539834b8b96b6112 bytes small Win32/PerfectXp-pc1/sp3 (Tr) add administrator shellcode.
0afd8039e46e9242f28451e8fcc78696Izlebizi Video Script remote add administrator account exploit.
f60a96d54cacd4281b3d0378de06e1acWESPA PHP Newsletter version 3.0 suffers from a remote administrative password changing vulnerability when the install script is left in place.
29581f5098200b2a001e76c0d5e4e166Simple PHP Newsletter suffers from a remote administrative password changing vulnerability when the install script is left in place.
e37242a8df8f40f08c93b1a005099ac3Web@All versions 1.1 and below remote administrative settings changing exploit.
4d308f23139631726000e5ec476c2a7cPageDirector CMS suffers from add administrator and remote SQL injection vulnerabilities.
57b174b4d88478d0bbcd13de74c70e53Sysax Multi Server add administrator exploit.
308ce6370a3c2fbe0d12908ef7bb0a2fDL_Stats suffers from cross site scripting, arbitrary administrative access and remote SQL injection vulnerabilities.
d5615d3d88b18178db8efb50b2706671Advanced Management For Services Sites remote add administrator exploit.
6481933d5f59b2840ea76f47bf52aa06NinkoBB version 1.3RC4 change / add administrator cross site request forgery exploit.
8e261c3dcf60222e2db4a653d4f19363FileExecutive suffers from file disclosure, path disclosure, shell upload, edit administrator and add administrator vulnerabilities.
b7ed8f259efee49af9d97576f6dc9dabPBBoard version 2.0.5 suffers from add administrator and shell upload vulnerabilities.
e260d5b1aa14649a57add955517ced45Limny CMS version 2.0 suffers from a cross site request forgery vulnerability that allows for a malicious attacker to have an administrator account created. Proof of concept code included.
1a8801acbb98c40afe28d41b0f183836Genere par KDPics version 1.18 remote add administrator exploit.
ab03cb7f23930bdecb16038ae2cf2d99Status2k remote add administrator exploit.
349c74c8e1f5eb544f62fc5b871f810d
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed