Got.my Link Exchange 1.8.9 SQL Injection

Vendor: http://www.got.my http://www.got.my/LINK-EXCHANGE-Script Vulnerable Version: 1.8.9 Vulnerability Type: SQL Injection Risk level: High Credit: Hector.x90 Vulnerability Details: The vulnerability exists due to failure in the "/admin/categories.php" script to properly sanitize user-supplied...

Multiple Vulnerabilities in Ripe website manager

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Ripe website manager which could be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Ripe website manager The...

Multiple Vulnerabilities in IWantOneButton WordPress Plugin

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in IWantOneButton WordPress Plugin which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in IWantOneButton WordPress Plugin The vulnerability...

SQL Injection Vulnerabilities in Seo Panel

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Seo Panel which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerabilities in Seo Panel 1.1 The vulnerability exists due to input sanitation errors in the "langcode" parameter in...

Multiple Vulnerabilities in Injader CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Injader CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Injader CMS 1.1 The vulnerability exists due to input sanitation error...

Multiple Vulnerabilities in SweetRice CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SweetRice CMS which could be exploited to perform cross-site scripting and SQL injection attacks and change administrators password. 1 Cross-site scripting XSS vulnerability in SweetRice CMS The vulnerability...

SQL Injection Vulnerability in DeluxeBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DeluxeBB which could be exploited to execute arbitrary SQL commands in applications database. 1 SQL injection vulnerability in DeluxeBB: CVE-2010-4151 An input validation error exists in the "xthedateformat" parameter in...

Multiple vulnerabilities in TCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Target CMS TCMS, which could be exploited to perform cross-site scripting and SQL Injection attacks, read arbitrary files and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in TCMS 1.1 A...

Multiple Vulnerabilities in OneCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in OneCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in OneCMS The vulnerability exists due to input sanitation error in the "cat"...

Multiple Vulnerabilities in AneCMS

High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in AneCMS which could be exploited to perform cross-site scripting and script insertion attacks and execute arbitrary SQL commands in applications database. 1 Cross-site scripting XSS vulnerability in AneCMS The...

LiSK CMS 4.4 cp_messages.php SQL Injection

Vulnerability ID: HTB22371 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinliskcms.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 06 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor...

Multiple Vulnerabilities in LiSK CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LiSK CMS which could be exploited to perform cross-site scripting attacks and execute arbitrary SQL commands in applications database. 1 Cross-site scripting XSS vulnerability in LiSK CMS: CVE-2010-2013 The...

HyperStop WebHost Directory 1.2 - Database Disclosure

HyperStop WebHost Directory 1.2 - Database Disclosure source: https://www.securityfocus.com/bid/31249/info HyperStop WebHost Directory is reported prone to an information-disclosure vulnerability. Successful exploits of this issue may allow an attacker to obtain sensitive information by downloadi...

Belchior Foundry VCard 2.8 - Authentication Bypass

Belchior Foundry VCard 2.8 - Authentication Bypass source: https://www.securityfocus.com/bid/9910/info It has been reported that vCard is prone to a remote authentication bypass vulnerability. This issue is due to a design error that would allow a malicious user access to certain admin...