Title TGS Content Management Multiple Input Validation Vulnerabilities
Published 2009-08-13-12:00AM
Updated 2009-09-15-11:21PM
Class Input Validation Error
CVE   CVE-2009-2929 CVE-2009-2928
Remote  Yes
Local  No
Credit  []ViZiOn
Vulnerable  TGS Content Management TGS Content Management 0
Not Vulnerable  
Code  An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.

The following example URIs are available:

http://www.example.com/cms/index.php?tgs_language_id=[SQL Injection]
http://www.example.com/cms/index.php?tpl_dir=[SQL Injection]
http://www.example.com/cms/index.php?referer=[SQL Injection]
http://www.example.com/cms/index.php?user-agent=[SQL Injection]
http://www.example.com/cms/index.php?site=[SQL Injection]
http://www.example.com/cms/index.php?option=[SQL Injection]
http://www.example.com/cms/index.php?db_optimization=[SQL Injection]
http://www.example.com/cms/index.php?owner=[SQL Injection]
http://www.example.com/cms/index.php?admin_email=[SQL Injection]
http://www.example.com/cms/index.php?default_language=[SQL Injection]
http://www.example.com/cms/index.php?db_host=[SQL Injection]
http://www.example.com/cms/frontpage_ception.php?cmd=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?s_dir=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?minutes=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?s_mask=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?test3_mp=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?test15_file1=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?submit=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?brute_method=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?ftp_server_port=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?userfile14=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?subj=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?mysql_l=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?action=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?userfile1=[Blind SQL]
http://www.example.com/cms/index.php (site=admin)
http://www.example.com/cms/admin.php
http://www.example.com/cms/index.php (site=admin)
http://www.example.com/cms/login.php?previous_page=[XSS]

Copyright 2007, SecurityDot
Thu, 10 Dec 2009 07:11:32 +0000
