62 matches found
phplist 3.2.6 - SQL Injection Vulnerability
Exploit for php platform in category web applications 1. Introduction Affected Product: phplist 3.2.6 Fixed in: 3.3.1 Fixed Version Link: https://sourceforge.net/projects/phplist/files/phplist/3.3.1/phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability Type: SQL...
phplist 3.2.6 - SQL Injection
Introduction Affected Product: phplist 3.2.6 Fixed in: 3.3.1 Fixed Version Link: https://sourceforge.net/projects/phplist/files/phplist/3.3.1/phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...
phplist 3.2.6 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected phplist 3.2.6 Product: Fixed in: 3.3.1 Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/ Link: phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability XSS Type: Remote Yes...
Plone 5.0.5 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Plone 5.0.5 Fixed in: Hotfix 20170117 Fixed Version Link: https://plone.org/security/hotfix/20170117 Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016...
Elefant CMS 1.3.12-RC Cross Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant1313rc Vendor Website: https://www.elefantcms.com/ Vulnerability CSRF Type: Remote Yes Exploitable:...
FUDforum 3.0.6 - Local File Inclusion
FUDforum 3.0.6 - Local File Inclusion Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016...
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public:...
Lepton 2.2.2 Stable Shell Upload Vulnerability
Lepton version 2.2.2 Stable suffers from a remote code execution vulnerability via a remote shell upload. 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website:...
MyLittleForum 2.3.6.1 XSS / Path Overwrite Vulnerability
MyLittleForum version 2.3.6.1 suffers from path overwrite and cross site scripting vulnerabilities. 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website:...
Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags Vulnerabilities
Jaws version 1.1.1 suffers from object injection, open redirection, and cookie flag related vulnerabilities. 1. Introduction Affected Product: Jaws 1.1.1 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://jaws-project.com/ Vulnerability Type: Object Injection, Open Redirect, Cooki...
FUDforum 3.0.6 Local File Inclusion Vulnerability
FUDforum version 3.0.6 suffers from a local file inclusion vulnerability. 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclose...
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities
FUDforum version 3.0.6 suffers from cross site request forgery and cross site scripting vulnerabilities. 1. Introduction Affected Product: FUDforum 3.0.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable:...
MyLittleForum 2.3.6.1 Cross Site Request Forgery Vulnerability
MyLittleForum version 2.3.6.1 suffers from a cross site request forgery vulnerability. 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/...
MoinMoin 1.9.8 Cross Site Scripting Vulnerability
MoinMoin version 1.9.8 suffers from cross site scripting vulnerabilities. 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported...
Lepton 2.2.2 Stable SQL Injection Vulnerability
Lepton version 2.2.2 Stable suffers from remote SQL injection vulnerabilities. 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type: S...
Mezzanine 4.2.0 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Mezzanine 4.2.0 Fixed in: 4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...
MyLittleForum 2.3.6.1 Cross Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/ Vulnerability Type: CSRF Remote Exploitable: Yes...
MyLittleForum 2.3.6.1 XSS / Path Overwrite
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/ Vulnerability Type: XSS & RPO Remote Exploitable: Y...
MoinMoin 1.9.8 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016 Disclosed...
MyBB 1.8.6 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed...