KAhara MAnhara

3 exploits Active since Feb 2015
CVE-2015-1578 NOMISEC WORKING POC
u5CMS < 3.9.3 - Open Redirect via pidvesa Cookie or uri Parameter
Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.
CVE-2015-1577 EXPLOITDB python WORKING POC
u5CMS < 3.9.3 - Path Traversal and Arbitrary File Write via f Parameter
Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter.
CVE-2015-1578 EXPLOITDB python WORKING POC
u5CMS < 3.9.3 - Open Redirect via pidvesa Cookie or uri Parameter
Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.