DevilAuron

3 exploits Active since Nov 2007
CVE-2007-6086 EXPLOITDB text WRITEUP
VigileCMS 1.4 - Path Traversal via Module Parameter
Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter.
CVE-2007-6085 EXPLOITDB text WRITEUP
VigileCMS 1.4 - Cross-Site Scripting via Message Field in vedipm or live_chat Module
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.
CVE-2007-6087 EXPLOITDB text WRITEUP
VigileCMS 1.4 - Cross-Site Request Forgery via changepass Module
Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attackers to change the admin password via certain parameters to the changepass module.