

Title TGS Content Management Multiple Input Validation Vulnerabilities
Published 2009-08-13-12:00AM
Updated 2009-09-15-11:21PM
Class Input Validation Error
CVE   CVE-2009-2929 CVE-2009-2928
Remote  Yes
Local  No
Credit  []ViZiOn
Vulnerable  TGS Content Management TGS Content Management 0
Not Vulnerable  
Code  An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URIs are available:
http://www.example.com/cms/index.php?tgs_language_id=[SQL Injection]
http://www.example.com/cms/index.php?tpl_dir=[SQL Injection]
http://www.example.com/cms/index.php?referer=[SQL Injection]
http://www.example.com/cms/index.php?user-agent=[SQL Injection]
http://www.example.com/cms/index.php?site=[SQL Injection]
http://www.example.com/cms/index.php?option=[SQL Injection]
http://www.example.com/cms/index.php?db_optimization=[SQL Injection]
http://www.example.com/cms/index.php?owner=[SQL Injection]
http://www.example.com/cms/index.php?admin_email=[SQL Injection]
http://www.example.com/cms/index.php?default_language=[SQL Injection]
http://www.example.com/cms/index.php?db_host=[SQL Injection]
http://www.example.com/cms/frontpage_ception.php?cmd=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?s_dir=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?minutes=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?s_mask=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?test3_mp=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?test15_file1=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?submit=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?brute_method=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?ftp_server_port=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?userfile14=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?subj=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?mysql_l=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?action=[Blind SQL]
http://www.example.com/cms/frontpage_ception.php?userfile1=[Blind SQL]
http://www.example.com/cms/index.php (site=admin)
http://www.example.com/cms/admin.php
http://www.example.com/cms/index.php (site=admin)
http://www.example.com/cms/login.php?previous_page=[XSS]

Copyright 2007, SecurityDot
Mon, 14 Dec 2009 23:31:08 +0000
