source: http://www.securityfocus.com/bid/29959/info

The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The Rat CMS Pre-Alpha 2 is vulnerable; other versions may also be affected.

http://www.example.com/[trcms_path]/viewarticle.php/<XSS>
http://www.example.com/[trcms_path]/viewarticle.php?id=<XSS>
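For triage on a host that runs the affected version, the sketch below flags web-server log entries matching the two request shapes listed above: extra path info after viewarticle.php, and an id value that is not a plain integer. It is an added example, not part of the advisory or of The Rat CMS; the log format, the /trcms/ path, the IP addresses and the assumption that id is a numeric article identifier are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request field of a Common Log Format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Script name plus whatever trails it in the percent-decoded path.
SCRIPT_RE = re.compile(r"(?:^|/)viewarticle\.php(.*)$", re.DOTALL)
ID_RE = re.compile(r"[0-9]{1,10}")  # assumption: id is a small decimal integer

# Constructed sample log lines (documentation IP ranges, harmless markup).
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Jun/2008:10:00:01 +0000] "GET /trcms/viewarticle.php?id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [26/Jun/2008:10:00:05 +0000] "GET /trcms/viewarticle.php/%22%3E%3Cb%3Ex HTTP/1.1" 200 4801',
    '198.51.100.7 - - [26/Jun/2008:10:00:09 +0000] "GET /trcms/viewarticle.php?id=%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 4790',
    '192.0.2.10 - - [26/Jun/2008:10:00:12 +0000] "GET /trcms/index.php HTTP/1.1" 200 2048',
]

def check_request(target):
    """Return the reasons a request target for viewarticle.php looks unsafe."""
    parts = urlsplit(target)
    m = SCRIPT_RE.search(unquote(parts.path))
    if not m:
        return []  # not a request for viewarticle.php
    reasons = []
    # Shape 1: anything other than a bare trailing slash after the script name.
    if m.group(1) not in ("", "/"):
        reasons.append("path-info after script name")
    # Shape 2: id present but not a plain decimal integer (after URL decoding).
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name == "id" and not ID_RE.fullmatch(value):
            reasons.append("non-integer id parameter")
    return reasons

def scan(lines):
    """Return (client_ip, target, reasons) for each flagged log line."""
    findings = []
    for line in lines:
        m = REQUEST_RE.search(line)
        reasons = check_request(m.group(1)) if m else []
        if reasons:
            findings.append((line.split(" ", 1)[0], m.group(1), reasons))
    return findings

if __name__ == "__main__":
    for ip, target, reasons in scan(SAMPLE_LOG):
        print(ip, target, "; ".join(reasons))
```

The same integer check, applied in the application before the value reaches a query or the page output, is the corresponding server-side control for the id parameter.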
Related Exploits
Trying to match CVEs (1): CVE-2008-5164
Trying to match OSVDBs (1): 50004
Other Possible E-DB Search Terms: The Rat CMS
Date | Title | Author |
---|---|---|
2008-12-14 | The Rat CMS Alpha 2 - 'download.php' Priviledge Escalation | x0r |
2009-01-04 | The Rat CMS Alpha 2 - Blind SQL Injection | darkjoker |
2008-06-26 | The Rat CMS - 'viewarticle.php?id' SQL Injection | CWH Undergr... |
2008-06-26 | The Rat CMS - 'viewarticle2.php?id' Cross-Site Scripting | CWH Undergr... |
2008-06-26 | The Rat CMS - 'viewarticle2.php?id' SQL Injection | CWH Undergr... |
2009-09-09 | The Rat CMS Alpha 2 - Arbitrary File Upload | Securitylab.ir |
2008-12-15 | The Rat CMS Alpha 2 - Authentication Bypass | x0r |