25 matches found
Cross-Site Scripting (XSS) in Ilch CMS
High-Tech Bridge Security Research Lab discovered vulnerability in Ilch CMS, which can be exploited to perform Cross-Site Scripting XSS attacks against users and administrators of vulnerable application. 1 Cross-Site Scripting XSS in Ilch CMS: CVE-2014-1944 The vulnerability exists due to...
Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection Vulnerability
Exploit for php platform in category web applications High-Tech Bridge Security Research Lab discovered vulnerability in Chamilo LMS, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Chamilo LMS: CVE-2013-6787 The vulnerability exists due to insufficient validation of...
Dokeos 2.2 RC2 (index.php, language param) - SQL Injection Vulnerability
Exploit for php platform in category web applications High-Tech Bridge Security Research Lab discovered vulnerability in Dokeos, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Dokeos: CVE-2013-6341 The vulnerability exists due to insufficient validation of "language"...
WordPress Tweet Blender 4.0.1 Cross Site Scripting
Advisory ID: HTB23180 Product: Tweet Blender Wordpress Plugin Vendor: kirilln Vulnerable Versions: 4.0.1 and probably prior Tested Version: 4.0.1 Advisory Publication: October 25, 2013 without technical details Vendor Notification: October 25, 2013 Vendor Patch: November 13, 2013 Public Disclosur...
Zikula 1.3.5 Build 20 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Product: Zikula Application Framework Vendor: Zikula Software Foundation Vulnerable Versions: 1.3.5 build 20 and probably prior Tested Version: 1.3.5 build 20 Advisory Publication: October 16, 2013 without technical details Vendor Notification...