Croogo 2.0.0 - Multiple Persistent Cross-Site Scripting Vulnerabilities

------------------------ XSS 1 -------- POST parameters: - dataContacttitle ------------------------ input type="hidden" name="dataTokenkey" value="2627e9e204ad6b878db...

Cart Engine 3.0.0 Remote Code Execution

No description provided by source. ? Cart Engine 3.0.0 Remote Code Execution Vendor: C97net Product web page: http://www.c97.net Affected version: 3.0.0 Summary: Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL...

PHP openssl_x509_parse() - Memory Corruption Vulnerability

No description provided by source. SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP...

Kemana Directory 1.5.6 Password Hash Disclosure Vulnerability

Kemana contains a flaw that is due to the 'kemanaadminpasswd' cookie storing user password SHA1 hashes. This may allow a remote MitM attacker to more easily gain access to password information. Version 1.5.6 is affected. Kemana Directory 1.5.6 kemanaadminpasswd Cookie User Password Hash Disclosur...

Cart Engine 3.0.0 (task.php) Local File Inclusion Vulnerability

Cart Engine suffers from an authenticated file inclusion vulnerability LFI when input passed thru the 'run' parameter to task.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks. Version 3.0....

Kemana Directory 1.5.6 - Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $now...

Kemana Directory 1.5.6 - 'task.php' Local File Inclusion

Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features...

Cart Engine 3.0.0 - task.php Local File Inclusion

Cart Engine 3.0.0 - task.php Local File Inclusion Cart Engine 3.0.0 task.php Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 3.0.0 Summary: Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE...

Kemana Directory 1.5.6 - task.php Local File Inclusion

Kemana Directory 1.5.6 - task.php Local File Inclusion Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or...

PHP - openssl_x509_parse() Memory Corruption

PHP - opensslx509parse Memory Corruption SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4...

PHP openssl_x509_parse() Memory Corruption

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....