Logitech: Host Header injection in oslo.io (using X-Forwarded-For header) leading to email spoofing

Hello team I hope it will be a happy year for you and for me 😇 Summary: I found Host Header injection in oslo.io I tried to use it to show the security effect on users And I found this Steps To Reproduce: 1. Well, first of all, enter your project 2.Make an invitation by email 3.Now through the...

vam shop 1.69 - Multiple Vulnerabilities

No description provided by source. Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details...

NetCat CMS v5.0.1 - Multiple Web Vulnerabilities

Title: ====== NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Date: ===== 2012-10-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=738 VL-ID: ===== 738 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: ============= Vendor...

VaM Shop v1.69 - Multiple Web Vulnerabilities

Title: ====== VaM Shop v1.69 - Multiple Web Vulnerabilities Date: ===== 2012-10-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=730 VL-ID: ===== 730 Common Vulnerability Scoring System: ==================================== 8.1 Introduction: ============= Vendor...

vam shop 1.69 - Multiple Vulnerabilities

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...

NetCat CMS 5.0.1 Cross Site Scripting / HTTP Parameter Pollution

Title: ====== NetCat CMS v5.0.1 - Multiple Web Vulnerabilities Date: ===== 2012-10-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=738 VL-ID: ===== 738 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: ============= Vendor...

VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...

VaM Shop 1.69 Cross Site Scripting / SQL Injection

Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details: 1. Blind SQL injection in...