CVE-2015-1578

Published: 11/02/2015 Updated: 12/02/2015
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 585
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

Multiple open redirect vulnerabilities in u5CMS prior to 3.9.4 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to u5admin/pidvesa.php or (2) uri parameter to u5admin/meta2.php.

Vulnerable Product

yuba u5cms

Exploits

#!/usr/bin/python
# Author KAhara MAnhara
# Achat 0.150 beta7 - Buffer Overflow
# Tested on Windows 7 32bit
import socket
import sys, time
# msfvenom -a x86 --platform Windows -p windows/exec CMD=calc.exe -e x86/unicode_mixed -b '\x00\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x ...

Github Repositories

Achat 0.150 beta7 - Remote Buffer Overflow Rewrite for python3 for the PNPT course.

CVE-2015-1578
Achat 0.150 beta7 - Remote Buffer Overflow
Rewrite for python3 for the PNPT course
Original: Author KAhara MAnhara
Rewritten: in python3 by Giuseppe Aloisi
Achat 0.150 beta7 - Buffer Overflow
Tested on Windows 7 32bit
www.exploit-db.com/exploits/36025
give the script a few seconds to give you a reverse shell
#Run the msfvenom command
In the code msfven