Lucene search
+L

174 matches found

Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.33 views

appRain 4.0.3 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to public: 12/02/2015 Release mode: Full...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.33 views

appRain 4.0.3 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: Fixed via Optional Module CSRF Protection Module http://www.apprain.com/extension/20/accounting-system?s Link: =Description Vendor Website: [email protected] Vulnerability Type: CSRF Remote...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.41 views

redaxscript 2.5.0 Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: module has been removed in version 2.6.0 Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 10/02/2015...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.32 views

redaxscript 2.5.0 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: 2.6.1 Fixed Version Link: http://redaxscript.com/files/releases/ redaxscript2.6.1full.zip Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.32 views

appRain 4.0.3 Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to public: 12/02/2015 Release...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/12/10 12:0 a.m.37 views

CodoForum 3.4 Cross Site Scripting Vulnerability

CodoForum version 3.4 suffers from a cross site scripting vulnerability. CodoForum 3.4 Cross Site Scripting Vulnerability 1. Introduction Affected Product: CodoForum 3.4 Fixed in: not fixed Release mode: Full Disclosure CVE: Requested, but not assigned Credits Tim Coen of Curesec GmbH 2...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/10 12:0 a.m.28 views

appRain 4.0.3 Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: [email protected] Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to public: 12/02/2015 Release...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.28 views

phpwcms 1.7.9 Cross Site Request Forgery

Security Advisory - Curesec Research Team 1. Introduction Affected Product: phpwcms 1.7.9 Fixed in: 1.8.0 RC1 Fixed Version https://github.com/slackero/phpwcms/archive/ Link: phpwcms-1.8.0-RC1.zip Vendor Website: http://www.phpwcms.de/ Vulnerability CSRF Type: Remote Yes Exploitable: Reported to...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.41 views

4images 1.7.12 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.12 Fixed in: 1.7.13 update Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/29/2015...

Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.31 views

CodoForum 3.4 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: CodoForum 3.4 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 12/02/2015 Release mode: Fu...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.37 views

4images 1.7.11 SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.11 Fixed in: 1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...

Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.35 views

Geeklog 2.1.0 Command Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Geeklog 2.1.0 Fixed in: 2.1.1b3 Fixed Version Link: https://www.geeklog.net/filemgmt/visit.php/1156 Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to...

Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.38 views

4images 1.7.11 Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.11 Fixed in: 1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.40 views

4images 1.7.11 Code Execution

!/usr/local/bin/python Exploit for 4images 1.7.11 Code Execution vulnerability An admin account is required to use this exploit Curesec GmbH import sys import re import argparse import requests requires requests lib parser = argparse.ArgumentParser parser.addargument"url", help="base url to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.34 views

Geeklog 2.1.0 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Geeklog 2.1.0 Fixed in: 2.1.1b3 Fixed Version Link: https://www.geeklog.net/filemgmt/visit.php/1156 Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:...

Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.28 views

Geeklog 2.1.0 Command Injection

!/usr/local/bin/python Exploit for geeklog-2.1.0 OS Command Injection vulnerability An admin account is required to use this exploit Curesec GmbH import sys import re import argparse import requests requires requests lib parser = argparse.ArgumentParser parser.addargument"url", help="base url to...

Exploits0
Packet Storm
Packet Storm
added 2015/12/09 12:0 a.m.37 views

4images 1.7.11 Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: 4images 1.7.11 Fixed in: 1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/11/17 12:0 a.m.25 views

LiteCart 1.3.2 Cross Site Scripting Vulnerability

LiteCart version 1.3.2 suffers from a cross site scripting vulnerability. 1. Introduction Affected Product: LiteCart 1.3.2 Fixed in: 1.3.3 Fixed Version Link: https://www.litecart.net/downloading?version=1.3.3.1 Vendor Contact: email protected Vulnerability Type: XSS Remote Exploitable: Yes...

6.7AI score
Exploits0
0day.today
0day.today
added 2015/11/17 12:0 a.m.35 views

AlegroCart 1.2.8 - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications 1. Introduction Affected Product: AlegroCart 1.2.8 Fixed in: Patch AC128fix17102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1040 Vendor Website: http://alegrocart.com/ Vulnerability Type: SQL Injection Remote Exploitable: Y...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/11/16 12:0 a.m.30 views

LiteCart 1.3.2 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LiteCart 1.3.2 Fixed in: 1.3.3 Fixed Version Link: https://www.litecart.net/downloading?version=1.3.3.1 Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/07/20...

7.4AI score
Exploits0
Rows per page
Query Builder