qdblog-lfisql.txt

. . . . | . .| . .;/ || Infos --------- Date : 2007-04-12 Product : QDBlog Version : v0.4 - Prior version maybe also be affected Vendor : http://sourceforge.net/projects/qdblog/ Vendor Status : 2007-04-12 - Not Informed! Description : QDBlog is an open-source, simple, minimalistic blogging...

CPS <=3.4.0 XSS

CPS =3.4.0 XSS Vuln. discovered by : r0t Date: 30 april 2006 vendorlink:http://www.cps-project.org/ affected versions:3.4.0 and prior orginal avdisory: http://pridels.blogspot.com/2006/04/cps-340-xss.html Vuln. Description: CPS contains a flaw that allows a remote cross site scripting attack. Thi...

AWStats 6.5.x multiple vuln.

AWStats 6.5.x multiple vuln. Vuln. discovered by : r0t Date: 20 april 2006 vendorlink:http://awstats.sourceforge.net/ affected versions: 6.5 build 1.857 and prior orginal advisory: http://pridels.blogspot.com/2006/04/awstats-65x-multiple-vuln.html Vuln. Description: 1. Cross-Site Scripting AWStat...

Net Clubs Pro XSS vuln

Net Clubs Pro XSS vuln Vuln. discovered by : r0t Date: 20 april 2006 vendor:www.aasimedia.com/nc/nc.shtml affected versions:4.0 and prior orginal advisory: http://pridels.blogspot.com/2006/04/net-clubs-pro-xss-vuln.html Vuln. Description: Net Clubs Pro contains a flaws that allows a remote cross...

Plexum X5 SQL vuln.

Plexum X5 SQL vuln. Vuln. discovered by : r0t Date: 19 april 2006 vendorlink:http://www.plexum.com/network/ affected versions:X5 and previous orginal advisory:http://pridels.blogspot.com/2006/04/plexum-x5-sql-vuln.html Vuln. Description: Plexum contains a flaw that allows a remote sql injection...

BluePay Manager v2.0 Script Insertion Vulnerability

BluePay Manager v2.0 Script Insertion Vulnerability Vuln. discovered by : r0t Date: 18 april 2006 vendor:bluepay.com affected versions:v2.0 and previous orginal advisory: http://pridels.blogspot.com/2006/04/bluepay-manager-v20-script-insertion.html Vuln. description: Input passed to the "Account...

Connect Daily Web Calendar Software Multiple XSS vuln.

Connect Daily Web Calendar Software Multiple XSS vuln. Vuln. discovered by : r0t Date: 27 march 2006 vendor:http://www.mhsoftware.com/connectdaily.htm affected versions:3.2.9 and prior orginal advisory:http://pridels.blogspot.com/2006/03/connect-daily-multiple-xss-vuln.html Vuln. description:...

XSS in <= Toast Forums 1.6

XSS in = Toast Forums 1.6 Vuln. discovered by : r0t Date: 25 march 2005 vendor:http://www.toastforums.com/ affected versions: 1.6 and prior orginal advisory: http://pridels.blogspot.com/2006/03/xss-in-toast-forums-16.html Vuln. Description. Toast Forums contains a flaw that allows a remote cross...

AdMan v1.0.x SQL vuln

AdMan v1.0.x SQL vuln Vuln. discovered by : r0t Date: 23 march 2006 vendor:www.formfields.com/adManArea/ affected versions: v1.0.20051221 and prior orginal advisory: http://pridels.blogspot.com/2006/03/adman-v10x-sql-vuln.html SQL vuln. AdMan contains a flaw that allows a remote sql injection...

[SA19289] CuteNews "archive" Disclosure of Sensitive Information Vulnerability

TITLE: CuteNews "archive" Disclosure of Sensitive Information Vulnerability SECUNIA ADVISORY ID: SA19289 VERIFY ADVISORY: http://secunia.com/advisories/19289/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CuteNews 1.x...

[SA19142] Owl Intranet Engine "xrms_file_root" File Inclusion Vulnerability

TITLE: Owl Intranet Engine "xrmsfileroot" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA19142 VERIFY ADVISORY: http://secunia.com/advisories/19142/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Owl Intranet Engine 0.x http://secunia.com/product/1579/...

LizardCart.txt

New eVuln Advisory: Lizard Cart CMS SQL Injection Vulnerability --------------------Summary---------------- Software: Lizard Cart CMS Sowtware's Web Site: http://sourceforge.net/projects/lizardcart Versions: 1.04 Critical Level: Dangerous Type: SQL Injection Class: Remote Status: Unpatched Exploi...

Magnolia XSS vuln.

Magnolia XSS vuln. Vuln. discovered by : r0t Date: 18 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/magnolia-xss-vuln.html vendor:http://www.magnolia.info affected version:2.1 and prior Product Description: Magnolia is the free, open source, J2EE deployable content management...

PHP JackKnife XSS vuln.

PHP JackKnife XSS vuln. Vuln. dicovered by : r0t Date: 13 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/php-jackknife-xss-vuln.html vendor:http://www.phpjk.com/ affected version: 2.21 and prior Product Description: PHP JackKnife is an easily set-up, fast, feature-rich photo galle...

SupportPRO Supportdesk XSS vuln.

SupportPRO Supportdesk XSS vuln. Vuln. dicovered by : r0t Date 23 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/supportpro-supportdesk-xss-vuln.html Vendor:http://supportpro.net/ Input passed to the post and view tickets parameters isn't properly sanitised before being returned t...

[SA17174] versatileBulletinBoard Cross-Site Scripting and SQL Injection

TITLE: versatileBulletinBoard Cross-Site Scripting and SQL Injection SECUNIA ADVISORY ID: SA17174 VERIFY ADVISORY: http://secunia.com/advisories/17174/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information WHERE: From...

[SA15783] Whois.Cart Cross-Site Scripting and Local File Inclusion

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

[SA13718] b2evolution "title" SQL Injection Vulnerability

TITLE: b2evolution "title" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA13718 VERIFY ADVISORY: http://secunia.com/advisories/13718/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: b2evolution 0.x http://secunia.com/product/2126/ DESCRIPTION: r0ut3r ha...