Cross-site Scripting (XSS) Vulnerability in DSite CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DSite CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in DSite CMS The vulnerability exists due to input sanitation error in the "buttonname" parameter in...

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

Alt-N MDaemon WorldClient Service Memory Corruption (CVE-2008-2631)

A memory corruption vulnerability exists in Alt-N Technologies MDaemon WorldClient. The vulnerability is due to a NULL pointer dereference in processing a malicious HTTP POST request. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the...

Cross-site Scripting (XSS) Vulnerabilities in CruxPA

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...

Cross-site Scripting (XSS) Vulnerability in ForumCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in ForumCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ForumCMS The vulnerability exists due to input sanitation error in the "keyword" parameter in...

Core Security Technologies Advisory 2010.0415

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ SQL Injection in CubeCart PHP Free & Commercial Shopping Cart Application 1. Advisory Information Title: SQL Injection in CubeCart PHP Free & Commercial Shopping Cart...

Cross-site Scripting (XSS) Vulnerabilities in synType CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in synType CMS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in synType CMS The vulnerability exists due to input sanitation error in...

Cross-site Scripting (XSS) Vulnerability in Nuggetz CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Nuggetz CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Nuggetz CMS The vulnerability exists due to input sanitation error in the "pagevalue" parameter in...

Cross-site Scripting (XSS) Vulnerability in moziloCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in moziloCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in moziloCMS The vulnerability exists due to input sanitation error in the HTTP POST parameter "pageconten...

Cross-site Scripting (XSS) Vulnerability in log1CMS

High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in log1CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in log1CMS The vulnerability exists due to input sanitation error in the HTTP POST parameter "content"...

IPB 3.0.1 sql injection exploit

Exploit for php platform in category web applications =============================== IPB 3.0.1 sql injection exploit =============================== Attention!\n"; echo "\n"; echo "Error!\n"; echo "This exploit is meant to be used as php CLI script!\n"; echo "More inform...

Multiple Cross-site Scripting Vulnerabilities in GetSimple CMS

High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in GetSimple CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerability in GetSimple CMS: CVE-2010-5052 The vulnerability exists due to input sanitation error in the "val"...

Cross-site Scripting Vulnerability in razorCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in razorCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in razorCMS: CVE-2010-5051 The vulnerability exists due to input sanitation error in the "content" paramete...

Cross-site Scripting (XSS) Vulnerability in JComments Component for Joomla!

High-Tech Bridge SA Security Research Lab has discovered vulnerability in JComments component for Joomla! which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in JComments: CVE-2010-5048 The vulnerability exists due to input sanitation error i...

McAfee ePolicy Orchestrator Agent HTTP POST Handling Flaw (CVE-2004-0095)

McAfee Corporation is a major vendor of numerous anti-virus, network, and desktop security products which are deployed in consumer as well as enterprise environments. McAfee ePolicy Orchestrator is a central security management system to manage security policy, assess and enforce policy, notify...

Zeus Trojan Now Has Hardware Licensing Scheme

The authors of the Zeus bot client, perhaps the most popular and pervasive piece of malware of its kind right now, have taken an extraordinary step to protect their creation: inserting a hardware-based licensing scheme into the Trojan. This represents a significant leap in the sophistication and...

Fedora Update for curl FEDORA-2010-2762

Check for the Version of curl OpenVAS Vulnerability Test Fedora Update for curl FEDORA-2010-2762 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 12 Update: curl-7.19.7-7.fc12

cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, F...

Novell GroupWise Messenger HTTP POST Request Invalid Memory Access (CVE-2006-4511)

Novell GroupWise Messenger is a corporate instant messaging solution targeted towards medium to large enterprise organizations. It facilitates secure communications and policy-based management through Novell's eDirectory product suite. The product is based on a client-server model where messaging...

Qbik WinGate WWW Proxy Server URL Processing Overflow

$Id: qbikwingatewwwproxy.rb 8547 2010-02-18 15:58:26Z patrickw $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...