Commix - Automated All-in-One OS Command Injection and Exploitation Tool

Commix short for command injection exploiter has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...

Multiple vulnerabilities in MantisBT

High-Tech Bridge Security Research Lab has discovered multiple vulnerabilities in MantisBT, which can be exploited to perform Cross-Site Scripting XSS and SQL injection attacks. Improper access control vulnerability discloses database's credentials login and password in plaintext. 1 Cross-Site...

Fluger Edit 2 Blind SQL Injection / Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ===================================================== Vulnerable Software: Fluger Edit v.2 || administration software Vendor: http://www.fluger.com/ Software License: Commercial Vulnerabilities: Blind SQL Injection And XSS Tested: In Wild...

Multiple vulnerabilities in PHPShop CMS Free

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHPShop CMS Free, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting in PHPShop CMS Free 1.1 Input appended to the URL after multiple files is not properly...

Multiple vulnerabilities in BugFree

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BugFree which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BugFree 1.1 Input passed via the "ActionType" GET parameter to Bug.php is not properly sanitis...

Multiple Vulnerabilities in Traq

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Traq which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Traq 1.1 The vulnerability exists due to input sanitation error in the "edit"...

Multiple Vulnerabilities in SiT! Support Incident Tracker

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in SiT! Support Incident...

Cross-site Scripting (XSS) Vulnerabilities in XOOPS

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in XOOPS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerabilities in XOOPS: CVE-2011-4565 The vulnerability exists due to input sanitation error in the...

Six House Design Cross Site Scripting

IRANIAN THE BEST HACKERS IN THE WORLD Cross Site Scripting Vulnerabilities Six House Design index.php?notice employment.php?notice AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://sixhousedesign.com/ Persian Gulf 4 Ever! Exploite:...

Multiple Vulnerabilities in A Really Simple Chat (ARSC)

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in A Really Simple Chat ARSC which could be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in A Really Simple Chat ARSC:...

Script Insertion Vulnerabilities in Noah's Classifieds

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Noah's Classifieds which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Noah's Classifieds Input passed to the "col18", "description" and "titlePrefix" parameter in index.php i...

Cross-site Scripting (XSS) Vulnerabilities in webSPELL

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in webSPELL which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in webSPELL 1.1 The vulnerability exists due to input sanitation error in the "pass" and "touser...

Installation Path Disclosure Weakness in Tribiq CMS | HTB22857

High-Tech Bridge SA Security Research Lab has discovered a weakness in Tribiq CMS which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Tribiq CMS: CVE-2011-2727 The weakness exists due to application reveals the full path to...

Cross-site Scripting (XSS) Vulnerabilities in Photopad

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Photopad which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Photopad: CVE-2011-1063 1.1 The vulnerability exists due to input sanitation errors in the...

Cross-site Request Forgery Vulnerabilities in F3Site

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in F3Site which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in F3Site 1.1 The vulnerability exists due to insufficient validation of the reques...

Multiple Vulnerabilities in Injader CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Injader CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Injader CMS 1.1 The vulnerability exists due to input sanitation error...

Multiple Vulnerabilities in SweetRice CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SweetRice CMS which could be exploited to perform cross-site scripting and SQL injection attacks and change administrators password. 1 Cross-site scripting XSS vulnerability in SweetRice CMS The vulnerability...

Cross-site Scripting (XSS) Vulnerabilities in ATutor

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ATutor which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ATutor The vulnerability exists due to input sanitation error in the "cid" parameter in...

Multiple Cross-site Scripting (XSS) Vulnerabilities in Spitfire

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Spitfire 1.1 The vulnerability exists due to input sanitation error in the "cmsid" and...

Multiple Vulnerabilities in OneCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in OneCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in OneCMS The vulnerability exists due to input sanitation error in the "cat"...