17 matches found
Security CheatSheets - A collection of cheatsheets for various infosec tools and topics
These security cheatsheets are part of a project for the Ethical Hacking and Penetration Testing course offered at the University of Florida. Expanding on the default set of cheatsheets, the purpose of these cheatsheets are to aid penetration testers/CTF participants/security enthusiasts in...
sweetrice cms 0.6.7 - Multiple Vulnerabilities
No description provided by source. Vulnerability ID: HTB22669 Reference: http://www.htbridge.ch/advisory/resetadminpasswordinsweetricecms.html Product: SweetRice CMS Vendor: basic-cms.org http://www.basic-cms.org/ Vulnerable Version: 0.6.7 Vendor Notification: 21 October 2010 Vulnerability Type:...
Live Hacking DVD v1.3 Beta - Download !
Live Hacking DVD v1.3 Beta - Download ! Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this 'Live CD" runs directly from the DVD and doesn't require installation on your...
Feng Office 1.7.3.3 CSRF Vulnerability
Exploit for php platform in category web applications Product: Feng Office Vendor: Secure Data SRL http://www.fengoffice.com/ Vulnerable Version: 1.7.3.3 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level: Low Credit:...
SyndeoCMS 2.8.02 XSS / Path Disclosure / SQL Injection
================================= Vulnerability ID: HTB22899 Reference: http://www.htbridge.ch/advisory/pathdisclosureinsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type:...
HTB22878: XSS vulnerability in CosmoShop
Vulnerability ID: HTB22878 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincosmoshop.html Product: CosmoShop Vendor: Zaunz Publishing GmbH http://www.cosmoshop.de/ Vulnerable Version: ePRO V10.05.00 Vendor Notification: 24 February 2011 Vulnerability Type: Stored XSS Cross Site...
HTB22870: SQL Injection in GRAND Flash Album Gallery wordpress plugin
Vulnerability ID: HTB22870 Reference: http://www.htbridge.ch/advisory/sqlinjectioningrandflashalbumgallerywordpressplugin.html Product: GRAND Flash Album Gallery wordpress plugin Vendor: Sergey Pasyuk http://codeasily.com/ Vulnerable Version: 0.55 Vendor Notification: 22 February 2011 Vulnerabili...
WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities
WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities Vulnerability ID: HTB22846 Reference: http://www.htbridge.ch/advisory/sqlinjectioniniwantonebuttonwordpres splugin.html Product: IWantOneButton wordpress plugin Vendor: Daniel Sands http://www.danielsands.co.cc/ Vulnerable Version:...
RedaxScript 0.3.2 - Multiple Vulnerabilities
RedaxScript 0.3.2 - Multiple Vulnerabilities ================================== Vulnerability ID: HTB22805 Reference: http://www.htbridge.ch/advisory/pathdisclosureinredaxscript.html Product: Redaxscript Vendor: http://redaxscript.com/ http://redaxscript.com/ Vulnerable Version: 0.3.2 Vendor...
diafan.CMS 4.3 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: diafan.CMS Vendor: Diafan http://www.diafan.ru/ Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF Cross-Site Request Forgery Status: Not Fixed, Vendor Alerted, Awaiting...
Diafan CMS 4.3 Cross Site Request Forgery / Cross Site Scripting
====================================== Vulnerability ID: HTB22776 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityindiafancms.html Product: diafan.CMS Vendor: Diafan http://www.diafan.ru/ Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010...
SQL Injection in phpMySport
Vulnerability ID: HTB22771 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphpmysport1.html Product: phpMySport Vendor: phpMySport http://phpmysport.sourceforge.net/ Vulnerable Version: 1.4 Vendor Notification: 21 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...
SweetRice CMS 0.6.7 Multiple Vulnerabilities
Exploit for php platform in category web applications ============================================ SweetRice CMS 0.6.7 Multiple Vulnerabilities ============================================ Product: SweetRice CMS Vendor: basic-cms.org http://www.basic-cms.org/ Vulnerable Version: 0.6.7 Vendor...
SweetRice 0.6.7 - Multiple Vulnerabilities
SweetRice 0.6.7 - Multiple Vulnerabilities Vulnerability ID: HTB22669 Reference: http://www.htbridge.ch/advisory/resetadminpasswordinsweetricecms.html Product: SweetRice CMS Vendor: basic-cms.org http://www.basic-cms.org/ Vulnerable Version: 0.6.7 Vendor Notification: 21 October 2010 Vulnerabilit...
sNews CMS - Multiple Cross-Site Scripting Vulnerabilities
sNews CMS - Multiple Cross-Site Scripting Vulnerabilities Vulnerability ID: HTB22638 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsnews1.html Product: sNews Vendor: sNews Team tp://www.snewscms.com/ Vulnerable Version: 1.7 and probably prior versions Vendor Notification: 05 Octobe...
e107 v0.7.23 SQL Injection Vulnerability
Exploit for php platform in category web applications ======================================== e107 v0.7.23 SQL Injection Vulnerability ======================================== Product: e107 Website System Vendor: e107 http://www.e107.org/ Vulnerable Version: 0.7.23 and Probably Prior Versions...
PDQ Script 1.0 <== [listingid] SQL Injection
Exploit for unknown platform in category web applications ============================================ PDQ Script 1.0 == listingid SQL Injection ============================================ +===================================================================================+ | | | PDQ Script 1.0 ...