| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 48376 | 2008-07-04 | 1024 CMS /themes/portfolio/layouts/basic_footer.php theme_dir Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/portfolio/layouts/basic_footer.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48377 | 2008-07-04 | 1024 CMS /themes/portfolio/layouts/basic_header.php theme_dir Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/portfolio/layouts/basic_header.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48378 | 2008-07-04 | 1024 CMS /themes/portfolio/layouts/print.php theme_dir Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/portfolio/layouts/print.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48375 | 2008-07-04 | 1024 CMS /themes/portfolio/layouts/standard.php Multiple Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/portfolio/layouts/standard.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' and 'page' parameters. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48379 | 2008-07-04 | 1024 CMS /themes/portfolio/layouts/total.php Multiple Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/portfolio/layouts/total.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' and 'page' parameters. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48391 | 2008-07-04 | 1024 CMS /themes/snazzy/layouts/basic_footer.php theme_dir Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/snazzy/layouts/basic_footer.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48392 | 2008-07-04 | 1024 CMS /themes/snazzy/layouts/basic_header.php theme_dir Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/snazzy/layouts/basic_header.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48393 | 2008-07-04 | 1024 CMS /themes/snazzy/layouts/print.php Multiple Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/snazzy/layouts/print.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'page', 'page_include', and 'theme_dir' parameters. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48390 | 2008-07-04 | 1024 CMS /themes/snazzy/layouts/standard.php page Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/snazzy/layouts/standard.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'page' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 48394 | 2008-07-04 | 1024 CMS /themes/snazzy/layouts/total.php Multiple Parameter Traversal Local File Inclusion | 1024 CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the '/themes/snazzy/layouts/total.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'theme_dir' and 'page' parameters. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 75503 | 2011-04-07 | 1024 CMS Admin Control Panel common/pages/lib/footer_loggedin.php msg Parameter XSS | 1024 CMS Admin Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'msg' parameter upon submission to the common/pages/lib/footer_loggedin.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 75502 | 2011-04-07 | 1024 CMS Admin Control Panel common/pages/lib/footer_login.php msg Parameter XSS | 1024 CMS Admin Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'msg' parameter upon submission to the common/pages/lib/footer_login.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 75500 | 2011-04-07 | 1024 CMS Admin Control Panel dashboard.php act Parameter Traversal Local File Inclusion | 1024 CMS Admin Control Panel contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the dashboard.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'act' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 75498 | 2011-04-07 | 1024 CMS Admin Control Panel dashboard.php Multiple Parameter XSS | 1024 CMS Admin Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'msg_error', 'msg_okay', 'msg_info' and 'msg_attention' parameters upon submission to the dashboard.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 75499 | 2011-04-07 | 1024 CMS Admin Control Panel includes/base_files.php act Parameter Traversal Local File Inclusion | 1024 CMS Admin Control Panel contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the includes/base_files.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'act' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 75497 | 2011-04-07 | 1024 CMS Admin Control Panel index.php msg Parameter XSS | 1024 CMS Admin Control Panel contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'msg' parameter upon submission to the index.php script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 75504 | 2011-04-07 | 1024 CMS Admin Control Panel index.php processfile Parameter Traversal Local File Inclusion | 1024 CMS Admin Control Panel contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the index.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'processfile' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server. |
| 75501 | 2011-04-07 | 1024 CMS Admin Control Panel modules/forcedownload/cls_forcedl.php filename Parameter Traversal Arbitrary File Access | 1024 CMS Admin Control Panel contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the modules/forcedownload/cls_forcedl.php script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'filename' parameter. This directory traversal attack would allow the attacker to access arbitrary files. |
| 41282 | 2007-12-21 | 1024 CMS admin/ops/reports/ops/download.php admin_theme_dir Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. |
| 41283 | 2007-12-21 | 1024 CMS admin/ops/reports/ops/forum.php admin_theme_dir Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. |
| 41284 | 2007-12-21 | 1024 CMS admin/ops/reports/ops/news.php admin_theme_dir Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. |
| 41378 | 2007-10-17 | 1024 CMS File Creation Unspecified Action CSRF | (Description provided by CVE): Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 41379 | 2007-10-17 | 1024 CMS forum Component Unspecified CSRF | (Description provided by CVE): Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 35542 | 2007-05-02 | 1024 CMS includes/download.php item Parameter Traversal Arbitrary File Access | (Description provided by CVE): Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the item parameter. |
| 44342 | 2008-04-13 | 1024 CMS includes/system.php cookpass Cookie Parameter SQL Injection | (Description provided by CVE): SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie. |
| 41281 | 2007-12-21 | 1024 CMS pages/download/default/ops/search.php theme_dir Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. |
| 41280 | 2007-12-21 | 1024 CMS pages/print/default/ops/news.php lang Parameter Traversal Local File Inclusion | (Description provided by CVE): Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the theme_dir parameter to pages/download/default/ops/search.php; or the admin_theme_dir parameter to (3) download.php, (4) forum.php, or (5) news.php in admin/ops/reports/ops/. NOTE: it was later reported that 1.4.2 beta and earlier are also affected for vector 1. |
| 44343 | 2008-04-13 | 1024 CMS pages/print/default/ops/news.php lang Parameter Traversal Local File Inclusion | Unknown / Incomplete |
| 62650 | 2010-03-02 | 1024 CMS rss.php id Parameter SQL Injection | 1024 CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'rss.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. |
| 39763 | 2007-12-21 | 1024 CMS search.php ip Parameter SQL Injection | (Description provided by CVE): SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter. |