149 matches found
eoCMS 0.9.04 - Multiple Vulnerabilities
Vulnerability ID: HTB22677 Reference: http://www.htbridge.ch/advisory/bbcodexssineocms.html Product: eoCMS Vendor: eocms.com http://eocms.com Vulnerable Version: 0.9.04 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting...
Novaboard 1.1.4 - Local File Inclusion
Vulnerability ID: HTB22657 Reference: http://www.htbridge.ch/advisory/lfiinnovaboard.html Product: Novaboard Vendor: Novaboard http://www.novaboard.net/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: Local File Inclusion Status: Not...
Unfixed XSS vulnerability at developers.notionink.com
Security researcher durlydurly, has submitted on 20/10/2010 a cross-site-scripting XSS vulnerability affecting developers.notionink.com, which at the time of submission ranked 194890 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. I...
FreshFTP 5.36 Directory Traversal
Vulnerability ID: HTB22628 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinfreshftp.html Product: FreshFTP Vendor: FreshWebMaster http://www.freshwebmaster.com Vulnerable Version: 5.36 and Probably Prior Versions Vendor Notification: 27 September 2010 Vulnerability Typ...
Unfixed XSS vulnerability at www.ymcabitola.org.mk
Security researcher RoAdKiLlEr, has submitted on 20/09/2010 a cross-site-scripting XSS vulnerability affecting www.ymcabitola.org.mk, which at the time of submission ranked 27387061 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/11/2011. It...
System Shop SQL Injection
/ | / | | | | | | | | | | | | | | | \ | || | | /| | | | | || || | \ | | | | |/||| \| || Exploit Title: System Shop SQL Injection - Module aktkat= Date: 12.09.2010 Author: secret Software Link: www.system-shop.at Version: latest version Tested on: XP / Linux Dorks : inurl:"aktkat" / "Powered by...
System Shop - 'Module aktka' SQL Injection
/ | / | | | | | | | | | | | | | | | \ | || | | /| | | | | || || | \ | | | | |/||| \| || Exploit Title: System Shop SQL Injection - Module aktkat= Date: 12.09.2010 Author: secret Software Link: www.system-shop.at Version: latest version Tested on: XP / Linux Dorks : inurl:"aktkat" / "Powered by...
XSS vulnerability in Amiro.CMS FAQ
Vulnerability ID: HTB22590 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinamirocms1.html Product: Amiro.CMS Vendor: Amiro http://www.amiro.ru/ Vulnerable Version: 5.8.4.0 and Probably Prior Versions Vendor Notification: 18 August 2010 Vulnerability Type: Stored XSS Cross Site...
SQL injection vulnerability in TCMS
Vulnerability ID: HTB22576 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityintcms2.html Product: TCMS Vendor: Target CMS http://targetcms.com/ Vulnerable Version: 100728 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerability Type: SQL Injection Status: N...
XSS vulnerability in CMS Source
Vulnerability ID: HTB22548 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincmssource.html Product: CMS Source Vendor: Proud Daddy Web Design http://www.prouddaddy.net/ Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions Vendor Notification: 28 July 2010 Vulnerabilit...
CMS Source SQL Injection / Cross Site Scripting / Local File Inclusion
================================================================== Vulnerability ID: HTB22545 Reference: http://www.htbridge.ch/advisory/localfileinclusionincmssource.html Product: CMS Source Vendor: Proud Daddy Web Design http://www.prouddaddy.net/ Vulnerable Version: Current at 28.07.2010 and...
Unfixed XSS vulnerability at www.enteryourhours.com
Security researcher nullbyt3 XSS POC, has submitted on 08/07/2010 a cross-site-scripting XSS vulnerability affecting www.enteryourhours.com, which at the time of submission ranked 3821711 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...
Unfixed XSS vulnerability at www.assecobs.pl
Security researcher cbr, has submitted on 25/07/2010 a cross-site-scripting XSS vulnerability affecting www.assecobs.pl, which at the time of submission ranked 371959 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...
XSS vulnerability in Spitfire
Vulnerability ID: HTB22482 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinspitfire.html Product: Spitfire Vendor: Claus Muus http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.336 and Probably Prior Versions Vendor Notification: 08 July 2010 Vulnerability Type: XSS Cross Site...
Ecomat CMS Remote SQL Injection Vulnerability
Exploit for php platform in category web applications ============================================= Ecomat CMS Remote SQL Injection Vulnerability ============================================= Product: Ecomat CMS Vendor: Codefabrik GmbH Vulnerable Version: 5.0 and Probably Prior Versions Vendor...
synType CMS Cross Site Scripting
Vulnerability ID: HTB22417 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinsyntypecmscommenttextfield.html Product: synType CMS Vendor: MindArray GbR Vulnerable Version: V.0.12.2 and Probably Prior Versions Vendor Notification: 03 June 2010 Vulnerability Type: Stored XSS Cross...
SQL injection vulnerability in 360 Web Manager
Vulnerability ID: HTB22378 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityin360webmanager.html Product: 360 Web Manager Vendor: 360 Web Manager Vulnerable Version: 3.0 Vendor Notification: 10 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiti...
LiSK CMS 4.4 - SQL Injection
Vulnerability ID: HTB22373 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinliskcms1.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 06 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor...
XSS vulnerability in LiSK CMS
Vulnerability ID: HTB22372 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinproduct.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 05 May 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendor Alerted, Awaiting Vendor...
Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability
Exploit for jsp platform in category web applications ==================================================================== Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability ==================================================================== Advisory Name: SQL injection in Mana...