Multiple Vulnerabilities in eoCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eoCMS which could be exploited to perform script insertion and SQL injection attacks, gain access to sensitive information and compromise vulnerable system. 1 Script insertion vulnerability in eoCMS An input...

Unfixed Script Insertion vulnerability at www.studio92.com

Security researcher sh3n, has submitted on 15/10/2010 a Script Insertion vulnerability affecting www.studio92.com, which at the time of submission ranked 73031 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed...

Mailman -- cross-site scripting in web interface

Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary...

Flock Browser 3.0.0.3989 Malformed Bookmark Cross Site Scripting

Flock Browser 3.0.0.3989 Malformed Bookmark XSS Vendor URL: http://beta.flock.com/ Advisore: http://lostmon.blogspot.com/2010/08/flock-browser-3003989-malformed.html Vendor notify:NO exploits availables:YES Flock is faster, simpler, and more friendly. Literally. It's the only sleek, modern web...

Script Insertion Vulnerabilities in ArtGK CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ArtGK CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in ArtGK CMS 1.1 Input passed to the "content" parameter in cms/classes/CForm.php is not properly sanitiz...

Secunia Research: MantisBT "Add Category" Script Insertion Vulnerability

====================================================================== Secunia Research 05/08/2010 - MantisBT "Add Category" Script Insertion Vulnerability - ====================================================================== Table of Contents Affected...

Script Insertion Vulnerability in Eden Platform

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Eden Platform which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in Eden Platform Input passed to multiple parameters in testimonials/admin/list is not properly sanitized A remo...

Unfixed Script Insertion vulnerability at www.lespac.com

Security researcher h3xStream, has submitted on 24/07/2010 a Script Insertion vulnerability affecting www.lespac.com, which at the time of submission ranked 10677 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 15/12/2011. It is currently...

Multiple Vulnerabilities in Amethyst

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amethyst which could be exploited to perform cross-site scripting, script insertion and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Amethyst The vulnerability exists due to inp...

Unfixed XSS vulnerability at www.wingclips.com

Security researcher nullbyt3, has submitted on 17/07/2010 a cross-site-scripting XSS vulnerability affecting www.wingclips.com, which at the time of submission ranked 372738 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

Unfixed Script Insertion vulnerability at www.tinyurlscript.info

Security researcher Ravac, has submitted on 28/06/2010 a Script Insertion vulnerability affecting www.tinyurlscript.info, which at the time of submission ranked 1469036 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/12/2011. It is currently...

Unfixed Script Insertion vulnerability at www.theworldcafe.com

Security researcher solipsistic, has submitted on 27/06/2010 a Script Insertion vulnerability affecting www.theworldcafe.com, which at the time of submission ranked 788817 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/10/2010. It is...

Unfixed Script Insertion vulnerability at www.conversationasaradicalact.com

Security researcher solipsistic, has submitted on 27/06/2010 a Script Insertion vulnerability affecting www.conversationasaradicalact.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/10/2010. It i...

Cross-site Scripting (XSS) Vulnerabilities in CruxPA

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...

Fixed Script Insertion vulnerability at cazey.friendsmix.net

Security researcher benzo, has submitted on 20/06/2010 a Script Insertion vulnerability affecting cazey.friendsmix.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/04/2012. It is currently fixed...

Invision Power Board 3.0.5 Calendar Application Script Insertion Vulnerability

No description provided by source. Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity.info/penetrationstest.php Affected Products: ---------------------------- Invision Power Board 3.0.5 and prior Introduction ============ Invision Power Board is a widely used forums...

Unfixed Script Insertion vulnerability at rapi.nl

Security researcher Killer-TR, has submitted on 06/10/2010 a Script Insertion vulnerability affecting rapi.nl, which at the time of submission ranked 5970364 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently unfixed. I...

Cross-site Scripting (XSS) Vulnerabilities in synType CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in synType CMS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in synType CMS The vulnerability exists due to input sanitation error in...

Multiple Vulnerabilities in AneCMS

High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in AneCMS which could be exploited to perform cross-site scripting and script insertion attacks and execute arbitrary SQL commands in applications database. 1 Cross-site scripting XSS vulnerability in AneCMS The...