556 matches found
AlegroCart 1.2.8 - Multiple SQL Injections
AlegroCart 1.2.8 - Multiple SQL Injections Security Advisory - Curesec Research Team 1. Introduction Affected Product: AlegroCart 1.2.8 Fixed in: Patch AC128fix17102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1040 Vendor Website: http://alegrocart.com/ Vulnerability Type: SQL...
AlegroCart 1.2.8 - LocalRemote File Inclusion
AlegroCart 1.2.8 - LocalRemote File Inclusion Security Advisory - Curesec Research Team 1. Introduction Affected Product: AlegroCart 1.2.8 Fixed in: Patch AC128fix22102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1047 Vendor Website: http://alegrocart.com/ Vulnerability Type:...
ClipperCMS 1.3.0 - Multiple SQL Injections
ClipperCMS 1.3.0 - Multiple SQL Injections Security Advisory - Curesec Research Team 1. Introduction Affected Product: ClipperCMS 1.3.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://www.clippercms.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to...
MiniBB 3.1.1 Cross Site Scripting Vulnerability
MiniBB version 3.1.1 suffers from a cross site scripting vulnerability. 1. Introduction Affected Product: MiniBB 3.1.1 Fixed in: 3.2 Fixed Version Link: http://www.minibb.com/download.php?file=minibb Vendor Contact: email protected Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendo...
CubeCart 6.0.7 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: CubeCart 6.0.7 Fixed in: 6.0.8 Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/07/2015...
Supercali Event Calendar 1.0.8 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Supercali Event Calendar 1.0.8 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://supercali.inforest.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public:...
Supercali Event Calendar 1.0.8 Cross Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Supercali Event Calendar 1.0.8 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://supercali.inforest.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public...
MiniBB 3.1.1 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: MiniBB 3.1.1 Fixed in: 3.2 Fixed Version Link: http://www.minibb.com/download.php?file=minibb Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to...
SQL Buddy 1.3.3 Cross Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SQL Buddy 1.3.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to public: 10/07/2015 Release...
SQL Buddy 1.3.3 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SQL Buddy 1.3.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to public: 10/07/2015 Release...
Chyrp CMS 2.5.2 Cross Site Scripting
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Chyrp CMS 2.5.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Github: https://github.com/chyrp/chyrp Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/2015...
Pligg CMS 2.0.2 - Multiple Vulnerabilities
Exploit for php platform in category web applications 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Code Execution & CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to publi...
Pligg CMS 2.0.2 CSRF / Code Execution
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Code Execution & CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/201...
Pligg CMS 2.0.2 SQL Injection
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/2015 Releas...
Pligg CMS 2.0.2 - Directory Traversal
Pligg CMS 2.0.2 - Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor:...
Pligg CMS 2.0.2 - Multiple SQL Injections
Pligg CMS 2.0.2 - Multiple SQL Injections Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...
Pligg CMS 2.0.2 - Multiple SQL Injections
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/2015 Releas...
Pligg CMS 2.0.2 - Cross-Site Request Forgery / Code Execution
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: Code Execution & CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public: 10/07/201...
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Source: http://haxx.in/blasty-vs-netusb.py CVE-2015-3036 - NetUSB Remote Code Execution exploit Linux/MIPS =========================================================================== This is a weaponized exploit for th...
SAP NetWeaver Java AS - multiple XSS vulnerabilities
Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: SAP Bugs: XSS Reported: 29.09.2015 Vendor response: 30.09.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2238765 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XSS Impact: leakage...