Joomla Googlemaps 3.2 Cross Site Scripting / Denial Of Service

Hello list! Earlier I wrote about multiple vulnerabilities in Googlemaps plugin for Joomla http://securityvulns.ru/docs29645.html. After my informing, the developer fixed these vulnerabilities in versions 2.19 and 3.1 of the plugin - by removing proxy functionality. And in version 3.2 of the plug...

Joomla Googlemaps XSS / XML Injection / Path Disclosure / DoS

Hello list! These are Denial of Service, XML Injection, Cross-Site Scripting and Full path disclosure vulnerabilities in Googlemaps plugin for Joomla. ------------------------- Affected products: ------------------------- Vulnerable are Googlemaps plugin for Joomla versions 2.x and 3.x and...

Denial of Service vulnerability in Megapolis.Portal Manager

Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Megapolis.Portal Manager. It's commercial CMS from Softline, which in particularly widespread among Ukrainian government sites including ministry, parliament, two special services and many other web sites. In 2006-2007 I...

Fabrica Engine 2.1 Cross Site Scripting / Denial Of Service / SQL Injection

Hello Bugtraq! I want to warn you about Cross-Site Scripting, Denial of Service and SQL Injection vulnerabilities in Fabrica Engine which I found in 2008 and 2009 at web site of one online shop. It's commercial engine for online shops. SecurityVulns ID: 11274. ------------------------- Affected...

Уязвимости в PHPShop

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation, Cross-Site Scripting, Denial of Service и Full path disclosure уязвимостях в PHPShop. Это движок для онлайн магазинов. Insufficient Anti-automation WASC-21: http://site/users/register.html На данной странице...