
Tag Archives: xss

Elxis 2009.3 Aphrodite rev2681 – Session hijacking vulnerability

# Exploit Title: Elxis 2009.3 Aphrodite rev2681 – Session hijacking vulnerability
# Google Dork: —
# Date: 23/8/2011
# Author: mr.pr0n (@_pr0n_)
# Homepage: https://ghostinthelab.wordpress.com/http://s3cure.gr
# Software Link: http://www.elxis-downloads.com/downloads/download.html?id=325
# Version: Elxis 2009.3 Aphrodite rev2681
# Tested on: Linux Fedora 14

===============
Description
===============
Elxis is a powerful open source content management system (CMS) released for free under the GNU/GPL license. It has unique multi-lingual features, it follows W3C standards, it is secure, flexible, easy to use, and modern. The development team, Elxis Team, paid extra attention to the optimization of the CMS for the search engines and this led to high performance of all Elxis-powered web sites and to high ranking in search engine results. We are glad to introduce you to the Elxis world. Welcome!


Posted on August 23, 2011 in Exploits

 


OneFileCMS v.1.1.1 – From XSS to Shell –


# Exploit Title: OneFileCMS v.1.1.1 Multiple Remote Vulnerabilities
# Google Dork: —
# Date: 21/8/2011
# Author: mr.pr0n (@_pr0n_)
# Homepage: https://ghostinthelab.wordpress.com/http://s3cure.gr
# Software Link: http://onefilecms.com/download/onefilecms_site_v1.1.1.zip
# Version: OneFileCMS v.1.1.1
# Tested on: Linux Fedora 14

 

===============
Description
===============
OneFileCMS is just that. It’s a flat, light, one file CMS (Content Management System) entirely contained in an easy-to-implement, highly customizable, database-less PHP script. Coupling a utilitarian code editor with all the basic necessities of an FTP application, OneFileCMS can maintain a whole website completely in-browser without any external programs.


Posted on August 21, 2011 in Exploits

 
