CVE-2018-19513

In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sqlerrorlog/YYYY-MM-DD-sqlerrorlog.log filenames. The log file could contain sensitive client data email addresses and also facilitates exploitation of SQL injection errors...

CVE-2018-19513

In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sqlerrorlog/YYYY-MM-DD-sqlerrorlog.log filenames. The log file could contain sensitive client data email addresses and also facilitates exploitation of SQL injection errors...

Webgalamb Information Disclosure / XSS / CSRF / SQL Injection

Summary ------- Vendor: E.N.S. Zrt www.ens.hu Product: Webgalamb www.webgalamb.hu, www.facebook.com/webgalamb Webgalamb is a commercial email marketing software for managing subscription lists and sending out bulk emails. It is not SaaS but a PHP based web application that is typically hosted nex...

Alstrasoft Article Manager Pro v1.6

Alstrasoft Article Manager Pro v1.6 - XSS & Full Path errors Homepage: http://www.alstrasoft.com Description: Article Manager Pro is the next generation article publishing system designed to make your life a whole lot easier by enabling webmasters to publish articles or news into their website in...