|
Quick.Cms.Lite "admin.php" Cross-Site Scripting
|
|
|
|
Vuln: Triton CMS Pro 'X-Forwarded-For' Header SQL Injection Vulnerability 2008-07-09
|
|
|
|
CVE-2008-0497 (Nucleus CMS)
|
|
|
|
Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities Thu, 30 Oct 2008 12:00:37 +0100
|
|
|
|
devalcms "currentfile" Local File Inclusion
|
|
|
|
CVE-2008-1510 (OpenCms)
|
|
|
|
FrSIRT - CMS Ortus "City" Parameter Remote SQL Injection Vulnerability 2008-11-27
|
|
|
|
Vuln: auraCMS 'user.php' Access Validation Vulnerability 2008-03-28
|
|
|
|
CVE-2008-3397 (cerberus_cms)
|
|
|
|
SaturnCMS Multiple SQL Injection Vulnerabilities
|
|
|
|
CVE-2007-6652 (xcms)
|
|
|
|
CVE-2008-2267 (CMS Made Simple)
|
|
|
|
CVE-2008-0793 (CMS)
|
|
|
|
tinyCMS 1.1.2 (templater.php) Local File Inclusion Vulnerability Tue, 28 Oct 2008 00:57:09 +0100
|
|
|
|
CVE-2008-4186 (webcms_portal_edition)
|
|
|
|
CVE-2008-0601 (All Club CMS)
|
|
|
|
Vuln: Samart-cms 'site.php' SQL Injection Vulnerability 2008-06-23
|
|
|
|
CVE-2008-3291 (aproxengine, aprox_cms_engine)
|
|
|
|
CVE-2008-2891 (emuCMS)
|
|
|
|
Mcms Easy Web Make "template" Local File Inclusion
|
|
|
|
Avaya CMS Solaris namefs Kernel Module Privilege Escalation
|
|
|
|
Avaya CMS Solaris TCP Implementation SYN Flood Denial of Service
|
|
|
|
CVE-2008-0232 (Zero CMS)
|
|
|
|
Bugtraq: [USN-652-1] LittleCMS vulnerability
|
|
|
|
Vuln: Xomol CMS 'index.php' Local File Include Vulnerability 2008-07-17
|
|
|
|
CVE-2008-2484 (xomol_cms)
|
|
|
|
Bugtraq: Multiple vulnerabilities in RUNCMS 1.6 by DSecRG
|
|
|
|
CVE-2007-6218 (CMS)
|
|
|
|
CVE-2008-2681 (realm_cms)
|
|
|
|
CVE-2008-2840 (exero_cms)
|
|
|
|
CVE-2008-2912 (Contenido_cms)
|
|
|
|
Vuln: PHPEcho CMS 'Smarty.class.php' Remote File Include Vulnerability 2008-02-23
|
|
|
|
The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities Fri, 21 Nov 2008 13:39:15 +0100
|
|
|
|
CVE-2008-0164 (Plone CMS)
|
|
|
|
Alkacon OpenCms "resource" Cross-Site Scripting Vulnerability
|
|
|
|
MODx CMS Source code disclosure, local file inclusion 8-1-2008
|
|
|
|
Alkacon OpenCms logfileViewSettings.jsp XSS, file disclosure 12-3-2008
|
|
|
|
Vuln: Jonascms Multiple Local File Include Vulnerabilities 2008-06-27
|
|
|
|
Exponent CMS User Registration Script Insertion
|
|
|
|
CVE-2008-5164 (the_rat_cms)
|
|
|
|
CVE-2008-1990 (acidcat_cms)
|
|
|
|
Vuln: WebPortal CMS 'action.php' Unauthorized Access Vulnerability 2008-01-07
|
|
|
|
CVE-2008-5207 (jonascms)
|
|
|
|
Bugtraq: Xss In Datalife Engine CMS 7.2
|
|
|
|
CVE-2007-6347 (Helpdesk, CMS, Shop Evaluation, Shop Free)
|
|
|
|
Atarone CMS Multiple Vulnerabilities
|
|
|
|
CVE-2008-2870 (sharecms)
|
|
|
|
Pragyan CMS File Inclusion Vulnerabilities
|
|
|
|
FrSIRT - Avaya CMS and IR Solaris X Server Extensions Multiple Vulnerabilities 2008-07-01
|
|
|
|
CVE-2008-4529 (asicms)
|
|
|
|
CVE-2008-0856 (e-Vision CMS)
|
|
|
|
Kasseler CMS Cross-Site Scripting Vulnerability
|
|
|
|
CVE-2008-1409 (Exero CMS)
|
|
|
|
xeCMS 1.x.x Remote File Disclosure Vulnerability. 21-12-2007
|
|
|
|
CVE-2008-2976 (tinx_cms)
|
|
|
|
CVE-2008-3087 (kasseler_cms)
|
|
|
|
Alkacon OpenCms tree_files.jsp resource XSS 27-2-2008
|
|
|
|
CVE-2008-4374 (cms_buzz)
|
|
|
|
CVE-2007-6142 (JAF CMS)
|
|
|
|
Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities Thu, 30 Oct 2008 11:59:48 +0100
|
|
|
|
CVE-2008-4364 (parsaweb_cms)
|
|
|
|
RedDot CMS SQL injection vulnerability Tue, 22 Apr 2008 13:49:56 +0200
|
|
|
|
Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities Sat, 28 Jun 2008 11:03:32 +0200
|
|
|
|
ParsaWeb CMS SQL Injection Fri, 03 Oct 2008 00:00:56 +0200
|
|
|
|
CVE-2008-3675 (gelatocms)
|
|
|
|
WebCMS.es Cross-Site Scripting and SQL Injection Vulnerabilities
|
|
|
|
CVE-2008-3562 (Chupix CMS, cms_contact_module)
|
|
|
|
CVE-2008-4648 (elxis_cms)
|
|
|
|
CVE-2008-2046 (SiteXS CMS)
|
|
|
|
CVE-2008-1551 (RunCMS, photo_module)
|
|
|
|
CVE-2008-4073 (autodealers_cms_autonline)
|
|
|
|
CVE-2008-2680 (realm_cms)
|
|
|
|
CVE-2008-4377 (creator_cms)
|
|
|
|
VU#309739: Microsoft Color Management System (MSCMS) module remote code execution
|
|
|
|
Kvaliitti WebDoc 3.0 CMS SQL Injection vulnerability 21-12-2007
|
|
|
|
CVE-2008-1513 (CMS)
|
|
|
|
BIGACE Web CMS Multiple File Inclusion Vulnerabilities
|
|
|
|
CVE-2008-0650 (Simple OS CMS)
|
|
|
|
Bugtraq: StanWeb.CMS (default.asp id) Remote SQL Injection Exploit
|
|
|
|
Mandriva Security Update Fixes Little CMS Buffer Overflow Vulnerability 2007-12-07
|
|
|
|
CVE-2008-3849 (civic-cms)
|
|
|
|
1024 CMS Multiple File Inclusion Vulnerabilities
|
|
|
|
CVE-2008-1393 (Plone CMS)
|
|
|
|
CVE-2008-2897 (pagesquid_cms)
|
|
|
|
Vuln: Phoenix View CMS 'admin_frame.php' Cross-Site Scripting Vulnerability 2008-06-02
|
|
|
|
Tilde CMS <= v. 4.x "aarstal" parameter of "yeardetail" SQL Injection 29-11-2007
|
|
|
|
CVE-2008-3417 (fipsCMS light)
|
|
|
|
CVE-2008-4159 (jaw_portal, zanfi_cms_lite)
|
|
|
|
Vuln: MODx CMS Cross Site Scripting and Remote File Include Vulnerabilities 2008-11-25
|
|
|
|
moziloCMS "cat" File Disclosure Vulnerability
|
|
|
|
CVE-2007-6160 (Tilde CMS)
|
|
|
|
CVE-2008-1398 (AuraCMS)
|
|
|
|
InterTech WCMS "id" SQL Injection Vulnerability
|
|
|
|
Bugtraq: cevado technologies real estate CMS SQL injection
|
|
|
|
Xomol CMS "current_url" Cross-Site Scripting Vulnerability
|
|
|
|
Plone CMS Security Research - the Art of Plowning 20-3-2008
|
|
|
|
CVE-2008-4894 (tribiq_cms)
|
|
|
|
CVE-2008-3164 (fuzzylime_cms)
|
|
|
|
Avaya CMS Solaris X Window System Information Disclosure
|
|
|
|
CVE-2008-3414 (CMS)
|
|
|
|
LoveCMS Multiple Vulnerabilities
|
|
|
|
CVE-2008-3708 (dotcms)
|
|
|
|
DeeEmm CMS (DMCMS) 0.7.4 Multiple Remote Vulnerabilities Fri, 22 Aug 2008 10:06:51 +0200
|
|
|
|
CVE-2008-2650 (CMSimple)
|
|
|
|
CMSimple File Upload and Local File Inclusion
|
|
|
|
Acidcat CMS Multiple Vulnerabilities Wed, 30 Apr 2008 08:38:44 +0200
|
|
|
|
Multiple vulnerabilities in RUNCMS 1.6 28-12-2007
|
|
|
|
CVE-2008-0426 (PacerCMS)
|
|
|
|
MiaCMS <= 4.6.5 Multiple Remote SQL Injection Vulnerabilities Wed, 27 Aug 2008 11:43:28 +0200
|
|
|
|
CVE-2008-2879 (benja_cms)
|
|
|
|
CVE-2008-5202 (otmanager_cms)
|
|
|
|
CVE-2008-2482 (onecms)
|
|
|
|
CVE-2008-3183 (gapicms)
|
|
|
|
CVE-2008-2770 (mycrocms)
|
|
|
|
CVE-2008-3575 (ezcontents_cms)
|
|
|
|
ezContents CMS Version 2.0.0 SQL Injection Vulnerabilities Sat, 10 May 2008 01:46:18 +0200
|
|
|
|
Vuln: e-Vision CMS 2.0 Multiple Remote Vulnerabilities 2008-08-01
|
|
|
|
CVE-2008-4893 (tribiq_cms)
|
|
|
|
CVE-2008-3254 (precms)
|
|
|
|
CVE-2008-4356 (kasseler_cms)
|
|
|
|
CVE-2008-3568 (unak-cms)
|
|
|
|
CVE-2008-1038 (DBHcms)
|
|
|
|
CVE-2008-1394 (Plone CMS)
|
|
|
|
Vuln: StanWeb CMS 'default.asp' SQL Injection Vulnerability 2008-05-17
|
|
|
|
Bugtraq: XSS and Data Manipulation attacks found in CMS PHPCart.
|
|
|
|
CVE-2007-6164 (Eurologon CMS)
|
|
|
|
CVE-2007-6552 (AuraCMS)
|
|
|
|
CVE-2008-2483 (xomol_cms)
|
|
|
|
Avaya CMS / IR Sun Solaris FIFO File System Unauthorized Data Access
|
|
|
|
CVE-2007-6085 (vigilecms)
|
|
|
|
FrSIRT - LokiCMS "page" Parameter Information Disclosure Vulnerability 2008-10-13
|
|
|
|
CVE-2008-0427 (bloofoxCMS)
|
|
|
|
Avaya CMS Sun Solaris X Window System and X Server Vulnerabilities
|
|
|
|
MTCMS HTTP Query String SQL Injection Vulnerability
|
|
|
|
SebracCMS <= 0.4 Multiple SQL Injection Vulnerabilities Sun, 23 Nov 2008 10:53:06 +0100
|
|
|
|
CVE-2008-4601 (cms)
|
|
|
|
CVE-2008-4778 (koobi_cms)
|
|
|
|
CVE-2007-6549 (RunCMS)
|
|
|
|
CVE-2008-4651 (jetbox_cms)
|
|
|
|
CVE-2008-4142 (e-php_cms)
|
|
|
|
webcms.es webCMS Portal Edition "id" SQL Injection Vulnerability
|
|
|
|
Bugtraq: CCMS v3.1 Demo <= SQL Injection Vulnerability 0day
|
|
|
|
Avaya CMS / IR Solaris X Server Extensions Multiple Vulnerabilities
|
|
|
|
Charray's CMS "ccms_library_path" File Inclusion
|
|
|
|
CVE-2007-6325 (Fastpublish CMS)
|
|
|
|
CVE-2008-3721 (DMCMS)
|
|
|
|
TAGWORX.CMS Two SQL Injection Vulnerabilities
|
|
|
|
CVE-2008-0390 (AuraCMS, Mod Block Statistik)
|
|
|
|
CVE-2008-4547 (web_cms)
|
|
|
|
Bugtraq: IRM Security Advisory : RedDot CMS SQL injection vulnerability
|
|
|
|
FrSIRT - Dorsa CMS "search" Parameter Cross Site Scripting Vulnerability 2008-10-30
|
|
|
|
BareNuked CMS "password" SQL Injection Vulnerability
|
|
|
|
FlexCMS <= 2.5 Cross Site Scripting Vulnerability Thu, 21 Aug 2008 00:51:03 +0200
|
|
|
|
CVE-2008-1413 (sNews CMS Rus)
|
|
|
|
Vuln: RunCMS Avatar Arbitrary File Upload Vulnerability 2007-11-24
|
|
|
|
FrSIRT - LoveCMS Administrative Password Manipulation Vulnerability 2008-11-24
|
|
|
|
Vuln: Aprox CMS Engine 'index.php' SQL Injection Vulnerability 2008-07-19
|
|
|
|
Bugtraq: Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities
|
|
|
|
Vuln: CMS Ortus Edit User Profile SQL Injection Vulnerability 2008-11-26
|
|
|
|
fuzzylime (cms) >=3.02 XSS Fri, 26 Sep 2008 16:24:09 +0200
|
|
|
|
CVE-2008-3415 (CMScout)
|
|
|
|
CVE-2008-0734 (Limbo CMS)
|
|
|
|
CVE-2008-2854 (orlando_cms)
|
|
|
|
CVE-2008-4921 (chipmunk_cms)
|
|
|
|
ProActive CMS (template) Local File Inclusion Vulnerability Sun, 28 Sep 2008 00:38:51 +0200
|
|
|
|
Avaya CMS Solaris X Window System and X Server Multiple Vulnerabilities
|
|
|
|
Bugtraq: communitycms-0.1 Remote File Includion
|
|
|
|
CVE-2008-2535 (phoenix_view_cms)
|
|
|
|
Ektron CMS400.NET Unspecified Vulnerability
|
|
|
|
MauryCMS "c" SQL Injection Vulnerability
|
|
|
|
TinyCMS "config[template]" Local File Inclusion Vulnerability
|
|
|
|
SineCMS <= 2.3.4 Calendar SQL Injection 'n something else.. 16-12-2007
|
|
|
|
Eurologon CMS Db credentials disclosure / files download 30-11-2007
|
|
|
|
Pre Simple CMS "user" SQL Injection Vulnerability
|
|
|
|
CVE-2008-1972 (Exponent CMS)
|
|
|
|
CVE-2008-4519 (fastpublish_cms)
|
|
|
|
CVE-2008-0142 (WebPortal CMS)
|
|
|
|
CVE-2008-5217 (txtcms)
|
|
|
|
Vuln: KasraCMS 'index.php' Multiple SQL Injection Vulnerabilities 2008-10-25
|
|
|
|
CVE-2008-4154 (webedition_cms)
|
|
|
|
CMS from Scratch Information Disclosure and File Upload
|
|
|
|
CVE-2008-4662 (lokicms)
|
|
|
|
CVE-2008-2126 (CMS)
|
|
|
|
Subdreamer CMS "Comments()" Function Arbitrary Comment Posting Issue 2007-11-26
|
|
|
|
Vuln: Jetbox CMS 'liste' Parameter Cross Site Scripting Vulnerability 2008-10-23
|
|
|
|
CVE-2007-6161 (Tilde CMS)
|
|
|
|
CMS Made Simple Multiple File Extensions Vulnerability
|
|
|
|
fuzzylime (cms) "admindir" File Inclusion Vulnerability
|
|
|
|
CVE-2008-5195 (sebraccms)
|
|
|
|
CVE-2008-3207 (pragyan_cms)
|
|
|
|
CVE-2008-3572 (Pligg CMS)
|
|
|
|
Vuln: CMS-BRD 'index.php' SQL Injection Vulnerability 2008-06-23
|
|
|
|
CVE-2008-0602 (All Club CMS)
|
|
|
|
CVE-2008-2789 (BASIC-CMS)
|
|
|
|
Plume CMS "dir" Cross-Site Scripting Vulnerability
|
|
|
|
CVE-2008-4649 (elxis_cms)
|
|
|
|
PacerCMS Multiple Vulnerabilities (XSS/SQL) 25-1-2008
|
|
|
|
CVE-2008-1352 (EdiorCMS)
|
|
|
|
CVE-2008-4244 (rianxosencabos_cms)
|
|
|
|
Bugtraq: aura cms lihatberita SQL Injection(id)
|
|
|
|
Kasseler CMS Multiple SQL Injection Vulnerabilities
|
|
|
|
Multiple Local File Include Vulnerabilities in Pluck CMS 4.5.2 Thu, 28 Aug 2008 22:48:54 +0200
|
|
|
|
RunCms PHP Code Execution and Local File Inclusion
|
|
|
|
CVE-2008-2984 (cmreams_cms)
|
|
|
|
FrSIRT - fuzzylime (cms) "admindir" Parameter Remote File Inclusion Vulnerability 2008-03-18
|
|
|
|
CVE-2008-3202 (xomol_cms)
|
|
|
|
CVE-2008-4647 (sweetcms)
|
|
|
|
ViArt CMS/HelpDesk/Shop "root_folder_path" File Inclusion
|
|
|
|
CVE-2008-1992 (acidcat_cms)
|
|
|
|
CVE-2008-2901 (family_connections_cms)
|
|
|
|
CVE-2007-6366 (SineCMS)
|
|
|
|
CVE-2008-3165 (fuzzylime_cms)
|
|
|
|
CVE-2007-6658 (CCMS)
|
|
|
|
CVE-2007-6058 (ProfileCMS)
|
|
|
|
Vuln: SineCms Multiple Input Validation Vulnerabilities 2007-12-18
|
|
|
|
CVE-2008-0233 (Zero CMS)
|
|
|
|
CVE-2008-2979 (ourvideo_cms)
|
|
|
|
Bugtraq: gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability
|
|
|
|
CVE-2008-3453 (impresscms)
|
|
|
|
FrSIRT - TikiWiki CMS/Groupware Two Unspecified Vulnerabilities 2008-10-22
|
|
|
|
EZCMS "page" SQL Injection Vulnerability
|
|
|
|
CVE-2008-1396 (Plone CMS)
|
|
|
|
CVE-2008-5163 (the_rat_cms)
|
|
|
|
CVE-2008-3256 (Siteframe Beaumont, siteframe_cms)
|
|
|
|
CVE-2008-4139 (quick.cms.lite)
|
|
|
|
Avaya CMS / IR Solaris Remote Procedure Call Module Denial of Service
|
|
|
|
CVE-2008-2533 (phoenix_view_cms)
|
|
|
|
CVE-2007-6656 (CMS Made Simple)
|
|
|
|
CVE-2008-2225 (gamecms_lite)
|
|
|
|
CVE-2008-2124 (fipsCMS)
|
|
|
|
CVE-2008-1045 (OpenCms)
|
|
|
|
FrSIRT - Kasra CMS "shme" and "cont" Remote SQL Injection Vulnerabilities 2008-10-27
|
|
|
|
CVE-2008-0431 (IDMOS CMS)
|
|
|
|
CVE-2008-0749 (Calimero.CMS)
|
|
|
|
FrSIRT - MyPHP CMS "pid" Parameter Remote SQL Injection Vulnerability 2008-06-27
|
|
|
|
Triton CMS Pro "X-Forwarded-For" SQL Injection Vulnerability
|
|
|
|
Vuln: Tendenci CMS 'search.asp' Multiple Cross-Site Scripting Vulnerabilities 2008-02-14
|
|
|
|
RealVNC VNC Viewer "CMsgReader::readRect()" Encoding Type Vulnerability
|
|
|
|
CVE-2008-0654 (Azucar CMS)
|
|
|
|
CVE-2008-1993 (acidcat_cms)
|
|
|
|
Vuln: CMS Little 'term' Parameter SQL Injection Vulnerability 2008-11-28
|
|
|
|
CVE-2008-2888 (migcms)
|
|
|
|
FrSIRT - iGaming CMS "keywords" Remote SQL Injection Vulnerability 2008-10-17
|
|
|
|
eliteCMS "page" SQL Injection Vulnerability
|
|
|
|
CMS Made Simple "templateid" SQL Injection Vulnerability
|
|
|
|
CVE-2008-1405 (fuzzylime (cms))
|
|
|
|
CVE-2007-6623 (ZeusCMS)
|
|
|
|
CVE-2008-1911 (1024 CMS)
|
|
|
|
Bugtraq: Acidcat CMS Multiple Vulnerabilities
|
|
|
|
SyndeoCMS File Disclosure and Cross-Site Scripting
|
|
|
|
CVE-2008-2843 (cms)
|
|
|
|
Vuln: UNAK-CMS Cookie Authentication Bypass Vulnerability 2008-09-23
|
|
|
|
CVE-2008-2842 (cms)
|
|
|
|
Vuln: TinX/cms Cross Site Scripting and Local File Include Vulnerabilities 2008-06-25
|
|
|
|
microSSys CMS "PAGES[]" File Inclusion Vulnerability
|
|
|
|
CVE-2008-2679 (realm_cms)
|
|
|
|
Directory traversal in EdiorCMS V3.0 17-3-2008
|
|
|
|
CVE-2007-6650 (R2 CMS)
|
|
|
|
LANAI CMS Multiple File Extensions Vulnerability
|
|
|
|
FrSIRT - Exero CMS "theme" Parameter Local File Inclusion Vulnerabilities 2008-03-18
|
|
|
|
CVE-2008-2921 (EZCMS)
|
|
|
|
CVE-2008-2686 (flux_cms)
|
|
|
|
Bugtraq: [HACKATTACK Advisory 20081127]Social Impress CMS 1.1 - Session Fixation
|
|
|
|
Avaya CMS Solaris "picld" Denial of Service
|
|
|
|
CVE-2008-2983 (demo4_cms)
|
|
|
|
Vuln: iTCms 'boxpop.php' Remote File Include Vulnerability 2008-05-03
|
|
|
|
CVE-2008-2820 (open_azimyt_cms)
|
|
|
|
CVE-2008-4667 (arabcms)
|
|
|
|
CVE-2008-0478 (SetCMS)
|
|
|
|
CVE-2008-4424 (goocms)
|
|
|
|
CVE-2008-2833 (le.cms)
|
|
|
|
CVE-2008-4603 (cms)
|
|
|
|
CVE-2008-4909 (compact_cms)
|
|
|
|
asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities Fri, 10 Oct 2008 19:33:53 +0200
|
|
|
|
Bugtraq: PR08-02: Plone CMS Security Research - the Art of Plowning
|
|
|
|
CVE-2007-6087 (vigilecms)
|
|
|
|
FrSIRT - E-Php CMS "es_id" Parameter Remote SQL Injection Vulnerability 2008-09-18
|
|
|
|
CVE-2008-2977 (ourvideo_cms)
|
|
|
|
AdaptCMS Lite <= 1.3 Blind SQL Injection Exploit Fri, 10 Oct 2008 19:34:21 +0200
|
|
|
|
CVE-2008-4185 (webcms_portal_edition)
|
|
|
|
CVE-2007-6664 (WebPortal CMS)
|
|
|
|
Vuln: Limbo CMS 'open.php' SQL Injection Vulnerability 2008-10-21
|
|
|
|
CVE-2008-2978 (ourvideo_cms)
|
|
|
|
CVE-2007-6583 (1024 CMS)
|
|
|
|
CVE-2008-4046 (elitecms)
|
|
|
|
CVE-2008-2530 (quickupcms)
|
|
|
|
CVE-2008-0458 (SLAED CMS)
|
|
|
|
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities Sat, 28 Jun 2008 11:04:06 +0200
|
|
|
|
CVE-2008-4158 (zanfi_cms_lite)
|
|
|
|
Ektron CMS400.NET "res" SQL Injection Vulnerability
|
|
|
|
Vuln: Sharedlog CMS Remote File Include Vulnerability 2008-11-01
|
|
|
|
dotCMS 1.6 (id) Multiple Local File Inclusion Vulnerabilities Wed, 20 Aug 2008 20:16:48 +0200
|
|
|
|
Bugtraq: sharedlog CMS Remote File Includes
|
|
|
|
CVE-2008-1462 (RunCMS)
|
|
|
|
Vuln: MiaCMS 'mod_socialbits.php' SQL Injection Vulnerability 2008-08-30
|
|
|
|
CVE-2008-3088 (kasseler_cms)
|
|
|
|
FrSIRT - Webdevindo-CMS "hal" Parameter Remote SQL Injection Vulnerability 2008-06-27
|
|
|
|
CVE-2008-5122 (cms4000.net)
|
|
|
|
Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit Thu, 23 Oct 2008 19:08:20 +0200
|
|
|
|
CVE-2008-2961 (cms_mini)
|
|
|
|
CVE-2008-3722 (fipsCMS)
|
|
|
|
CVE-2008-2351 (cms_webmanager-pro)
|
|
|
|
CVE-2008-3589 (mozilocms)
|
|
|
|
Xomol CMS Local File Inclusion and SQL Injection
|
|
|
|
Avaya CMS Solaris Self Encapsulated IP Packets Vulnerability
|
|
|
|
CVE-2008-4772 (questcms)
|
|
|
|
CVE-2008-2913 (devalcms)
|
|
|
|
FrSIRT - H2O-CMS "admin" Cookie Handling Unauthorized Access 2008-10-30
|
|
|
|
CVE-2008-1613 (cms)
|
|
|
|
CVE-2008-4518 (fastpublish_cms)
|
|
|
|
CVE-2008-3133 (barenuked_cms)
|
|
|
|
ArabCMS (rss.php rss) Local File Inclusion Vulnerability Thu, 23 Oct 2008 19:05:38 +0200
|
|
|
|
AuraCMS "albums" SQL Injection Vulnerability
|
|
|
|
CVE-2008-3785 (miacms, com_component)
|
|
|
|
CVE-2008-2988 (benja_cms)
|
|
|
|
CVE-2008-0811 (AuraCMS)
|
|
|
|
Avaya CMS Solaris "sadmind" Buffer Overflow Vulnerability
|
|
|
|
Quate CMS Multiple Vulnerabilities
|
|
|
|
CVE-2008-0094 (MODxCMS)
|
|
|
|
CVE-2008-2796 (FreeCMS)
|
|
|
|
CVE-2008-4913 (lokicms)
|
|
|
|
Vuln: Eurologon CMS ID Parameter Multiple SQL Injection Vulnerabilities 2007-11-30
|
|
|
|
Bugtraq: Eurologon CMS Db credentials disclosure / files download
|
|
|
|
AdaptCMS "user_name" SQL Injection Vulnerability
|
|
|
|
CVE-2008-1991 (acidcat_cms)
|
|
|
|
CVE-2008-0700 (CruxCMS)
|
|
|
|
FluentCMS "sid" SQL Injection Vulnerability
|
|
|
|
CVE-2008-0459 (LiquidSilverCMS)
|
|
|
|
RedDot CMS "LngId" SQL Injection Vulnerability
|
|
|
|
CVE-2008-2792 (eroCMS)
|
|
|
|
Bugtraq: [ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow
|
|
|
|
CMSbright "id_rub_page" SQL Injection Vulnerability
|
|
|
|
CVE-2007-6564 (Limbo CMS)
|
|
|
|
Bugtraq: Re: Remote File Disclosure in phpCMS 1.2.2
|
|
|
|
AuraCMS "pages_data.php" Manipulation of Data
|
|
|
|
Fastpublish CMS designconfig.php File Inclusion
|
|
|
|
CVE-2008-3213 (webcms_portal_edition)
|
|
|
|
CVE-2008-0735 (AuraCMS)
|
|
|
|
CVE-2008-3098 (fuzzylime_cms)
|
|
|
|
CVE-2008-0450 (Blog CMS)
|
|
|
|
CVE-2007-6651 (R2 CMS)
|
|
|
|
MyPHP CMS 0.3.1 (page.php pid) Remote SQL Injection Vulnerability Fri, 08 Aug 2008 20:25:00 +0200
|
|
|
|
CVE-2008-0141 (WebPortal CMS)
|
|
|
|
OneCMS "load" Local File Inclusion Vulnerability
|
|
|
|
ZeusCMS SQL Injection and Information Disclosure
|
|
|
|
Bugtraq: phpechocms v 2.0 rc3 RFI
|
|
|
|
FrSIRT - H2O-CMS "SaveConfig" Remote PHP Code Injection Vulnerabilities 2008-10-30
|
|
|
|
CVE-2008-2682 (realm_cms)
|
|
|
|
FrSIRT - WebStudio CMS "pageid" Remote SQL Injection Vulnerability 2008-11-27
|
|
|
|
Tendenci CMS search.asp Cross-Site Scripting Vulnerabilities
|
|
|
|
CVE-2008-4774 (questcms)
|
|
|
|
CVE-2008-0651 (CMS)
|
|
|
|
FrSIRT - gapicms "dirDepth" Remote PHP File Inclusion Vulnerability 2008-07-11
|
|
|
|
CVE-2008-1395 (Plone CMS)
|
|
|
|
CVE-2008-2877 (cmsworks)
|
|
|
|
CVE-2008-2192 (ITCMS)
|
|
|
|
Dorsa CMS "PageIDF" SQL Injection Vulnerability
|
|
|
|
CVE-2008-0428 (BloofoxCMS)
|
|
|
|
CVE-2008-4245 (rianxosencabos_cms)
|
|
|
|
CVE-2008-3153 (triton_cms_pro)
|
|
|
|
Vuln: H2O-CMS PHP Code Injection and Cookie Authentication Bypass Vulnerabilities 2008-10-29
|
|
|
|
FrSIRT - shareCMS "eventID" and "userID" Remote SQL Injection Vulnerabilities 2008-06-25
|
|
|
|
Vuln: CMS Made Simple 'cms_language' Cookie Parameter Directory Traversal Vulnerability 2008-11-29
|
|
|
|
CVE-2008-2837 (cms-brd)
|
|
|
|
CVE-2007-6159 (Tilde CMS)
|
|
|
|
|