Exploit for Deserialization of Untrusted Data in Apache Activemq

Resumen Técnico del Ataque: CVE-2023-46604 El script explota un...

Notepad++: Stack overflow affecting "ext" field on stylers.xml configuration file

Summary: A stack buffer overflow vulnerability affects "ext" field into "stylers.xml" configuration file. "isInList" function doesn't check boundaries on word64 array. Description: Vulnerability src file: notepad-plus-plus/PowerEditor/src/MISC/Common/Common.cpp Vulnerability line: line 329 Variab...

Reflected Cross-Site Scripting (XSS) in Simple Email Form Joomla Extension

High-Tech Bridge Security Research Lab discovered vulnerability in Simple Email Form Joomla Extension, which can be exploited to perform Cross-Site Scripting XSS attacks against visitors and administrators of Joomla websites with installed plugin. 1 Reflected Cross-Site Scripting XSS in Simple...

Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin

High-Tech Bridge Security Research Lab discovered vulnerability in MaxButtons WordPress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks against logged-in administrator. 1 Reflected Cross-Site Scripting XSS in MaxButtons wordpress plugin: CVE-2014-7181 Input passed via t...

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin

High-Tech Bridge Security Research Lab discovered vulnerability in Google Calendar Events WordPress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks against administrator of a WordPress website with vulnerable plugin. 1 Reflected Cross-Site Scripting XSS in Google Calend...

Reflected Cross-Site Scripting (XSS) in BlackCat CMS

High-Tech Bridge Security Research Lab discovered vulnerability in BlackCat CMS, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Reflected Cross-Site Scripting XSS in BlackCat CMS: CVE-2014-5259 The vulnerability exists due to insufficient sanitization of the "msg" HTTP GET...

Cross-Site Scripting (XSS) in Ilch CMS

High-Tech Bridge Security Research Lab discovered vulnerability in Ilch CMS, which can be exploited to perform Cross-Site Scripting XSS attacks against users and administrators of vulnerable application. 1 Cross-Site Scripting XSS in Ilch CMS: CVE-2014-1944 The vulnerability exists due to...

Cross-Site Scripting (XSS) in Komento Joomla Extension

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Komento Joomla Extension, which can be exploited to perform script insertion attacks. 1 Cross-Site Scripting XSS in Komento Joomla Extension: CVE-2014-0793 1.1 The vulnerability exists due to insufficient sanitisation of...

ClipShare 4.1.4 - Multiple Vulnerabilities

===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software License: Commercial. Vulns: Blind SQl injection && Plaintext Password...

ClipShare 4.1.4 SQL Injection / Plaintext Password Vulnerabilities

ClipShare version 4.1.4 suffers from remote blind SQL injection and plaintext password vulnerabilities. ===================================================================== Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software...

Flexap Control Panel 5.1 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications ===================================================== Vulnerable software: Control Panel version 5.1 Vendor: http://www.flexap.am/ Vuln type: Blind SQL Injection Software License: Commercial Software: Control Panel version 5.1 Discovered and...

Flexap.am Control Panel 5.1 Blind SQL Injection

===================================================== Vulnerable software: Control Panel version 5.1 Vendor: http://www.flexap.am/ Vuln type: Blind SQL Injection Software License: Commercial Software: Control Panel version 5.1 Discovered and Exploited in Wild...

Cross-site Scripting (XSS) Vulnerability in Redirection WordPress Plugin

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Redirection WordPress Plugin which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Redirection WordPress Plugin Input passed via the "id" GET parameter to...

Cross-site Scripting (XSS) Vulnerabilities in eShop for Wordpress

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eShop for Wordpress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eShop for Wordpress 1.1 The vulnerability exists due to input sanitation error i...

Multiple Vulnerabilities in LoudBlog

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LoudBlog which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in LoudBlog The vulnerability exists due to input sanitation error in the "id"...

Cross-site Scripting (XSS) Vulnerability in WP Photo Album

High-Tech Bridge SA Security Research Lab has discovered vulnerability in WP Photo Album which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP Photo Album The vulnerability exists due to input sanitation error in the "id" parameter in...

Cross-site Request Forgery (CSRF) in Plogger

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Plogger which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerability in Plogger The vulnerability exists due to insufficient validation of the request...

Multiple Vulnerabilities in Collabtive

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Collabtive which could be exploited to perform cross-site scripting and cross-site request forgery attacks and gain access to sensitive information. 1 Cross-site scripting XSS vulnerability in Collabtive 1.1 The...

Cross-site Scripting (XSS) Vulnerability in Question and Answer Forum

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Question and Answer Forum WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Question and Answer Forum The vulnerability exists due to input...

SQL Injection Vulnerabilities in WP Forum Server

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WP Forum Server WordPress plugin which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerabilities in WP Forum Server 1.1 The vulnerability exists due to input sanitation errors in the...