PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities

Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= PBBoard...

SMF Board v2.0.2 - Multiple Web Vulnerabilities

Title: ====== SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=596 VL-ID: ===== 624 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: ============= Simple...

AVAVoIP v1.5.12 - Multiple Web Vulnerabilities

Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...

Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability

Title: ====== Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: ===== 2012-05-29 References: =========== http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: ===== 580 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...

Apache Struts 2 struts2-rest-showcase orders 'clientName' Parameter Persistent XSS

The remote web server hosts Struts2-rest-showcase, a demonstration application for the Struts 2 framework. Input passed via the 'clientName' parameter to the orders page is not properly sanitized, which can allow for arbitrary HTML and script code to be loaded onto the system and executed when a...

ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting Blind SQL Injection Remote Code Execution

ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting Blind SQL Injection Remote Code Execution / Exploit Title: Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE Date: Jul 22 2012 Author: muts Version: Ipswitch WhatsUp Gold 15.02 Vendor URL: http://www.ipswitch.com/ An attacker c...

SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities

/ Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL: http://www.solarwinds.com/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012:...

KeyPass Password Safe 1.22 Cross Site Scripting

Title: ====== KeyPass Password Safe v1.22 - Software Filter Vulnerability Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=615 VL-ID: ===== 615 Common Vulnerability Scoring System: ==================================== 3 Introduction: =============...

AVAVoIP 1.5.12 Cross Site Scripting / Shell Upload

Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...

Mobile App Leaves Blackboard Courseware Open To Remote attack

Vulnerability Lab researchers discovered remotely exploitable cross site scripting vulnerabilities in Blackboard Mobile Learn v9. The education platform’s mobile application is reportedly vulnerable to a number of persistent input validation vulnerabilities that could give remote attackers the...

VamCart v0.9 CMS - persistent XSS Vulnerabilities

Exploit for php platform in category web applications VamCart v0.9 CMS - persistent XSS Vulnerabilities Introduction: ============= VamCart is a Free, Open Source, CakePHP Based Shopping Cart Content Management System. VamCart is a Open Source Project under the GNU GPL license with the following...

PBBoard v2.1.4 CMS - persistent XSS Vulnerabilities

Exploit for php platform in category web applications PBBoard v2.1.4 CMS - persistent XSS Vulnerabilities Introduction: ============= PBBoard forum is a free and very famous flat-forum bulletin board software. - LICENSE: http://www.pbboard.com/manual/license.txt - INSTALL And UPGRADE :...

Lepton CMS 1.2.0 Cross Site Scripting

Title: ====== Lepton v1.2.0 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=626 VL-ID: ===== 626 Common Vulnerability Scoring System: ==================================== 4 Introduction: ============= LEPTON is a...

SMF Board 2.0.2 Cross Site Scripting

Title: ====== SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-06-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=596 VL-ID: ===== 624 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: ============= Simple...

PBBoard CMS 2.1.4 CSRF / Cross Site Scripting

Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= PBBoard...

PBBoard CMS 2.1.4 - Multiple Vulnerabilities

PBBoard CMS 2.1.4 - Multiple Vulnerabilities Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System:...

TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities

Title: ====== TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Date: ===== 2012-06-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=613 VL-ID: ===== 613 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: =============...

Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities

Title: ====== Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Date: ===== 2012-06-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=526 VL-ID: ===== 526 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Die...

Simple Machines 2.0.2 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/54456/info Simple Machines is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script cod...

PBBoard CMS 2.1.4 - Multiple Vulnerabilities

Title: ====== PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: ===== 2012-06-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=623 VL-ID: ===== 625 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= PBBoard...