559 matches found
Сross-Site Request Forgery (CSRF) in xEpan
High-Tech Bridge Security Research Lab discovered vulnerability in xEpan, which can be exploited to compromise vulnerable web site. 1 Сross-Site Request Forgery CSRF in xEpan: CVE-2014-8429 The vulnerability exists due to insufficient validation of the HTTP request origin when creating new user...
Multiple XSS in Hero Framework
High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Hero Framework, which can be exploited to perform cross-site scripting attacks against vulnerable application. 1 Multiple XSS in Hero Framework: CVE-2013-2649 1.1 The vulnerability exists due to insufficient sanitisation...
Multiple Vulnerabilities in Traq
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Traq which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Traq 1.1 The vulnerability exists due to input sanitation error in the "edit"...
Cross-site Scripting (XSS) Vulnerabilities in WP-Stats-Dashboard
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WP-Stats-Dashboard which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in WP-Stats-Dashboard 1.1 The vulnerability exists due to input sanitation error in...
Cross-site Scripting (XSS) Vulnerability in Max's PHP Photo Album
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Max's PHP Photo Album which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Max's PHP Photo Album The vulnerability exists due to input sanitation error in the "id"...
Multiple Vulnerabilities in WP-StarsRateBox
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WP-StarsRateBox WordPress Plugin which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in WP-StarsRateBox The vulnerability exists due to inp...
Multiple Vulnerabilities in phpAlbum.net
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in phpAlbum.net which could be exploited to perform cross-site scripting and cross-site request forgery attacks and compromise vulnerable system. 1 Cross-site scripting XSS vulnerability in phpAlbum.net The...
Cross-site Scripting (XSS) Vulnerabilities in Rating-Widget
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Rating-Widget WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Rating-Widget 1.1 The vulnerability exists due to input sanitation...
Cross-site Request Forgery (CSRF) Vulnerabilities in Pragyan CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pragyan CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in Pragyan CMS 1.1 The vulnerability exists due to insufficient validation of...
Multiple Vulnerabilities in Mingle Forum wordpress plugin
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Mingle Forum wordpress plugin which could be exploited to perform script insertion attacks and disclose potentially sensitive information. 1 Script insertion vulnerability in Mingle Forum wordpress plugin Input passed to...
Installation Path Disclosure Weakness in Coppermine
High-Tech Bridge SA Security Research Lab has discovered a weakness in Coppermine which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Coppermine The weakness exists due to application reveals the full path to installation...
Multiple Vulnerabilities in ReOS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ReOS which could be exploited to perform SQL injection attacks and compromise vulnerable system. 1 SQL injection vulnerabilities in ReOS 1.1 The vulnerability exists due to input sanitation errors in the...
Multiple Vulnerabilities in BEdita
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BEdita which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in BEdita The vulnerability exists due to input sanitation error in...
Local File Inclusion Vulnerability in Exponent CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Exponent CMS which could be exploited to include and execute arbitrary local files on the target system. 1 Local file inclusion in Exponent CMS Input passed to the "module" parameter in podcast.php and rss.php is not proper...
Cross-site Request Forgery (CSRF) Vulnerabilities in Kandidat CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Kandidat CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Kandidat CMS 1.1 The vulnerability exists due to insufficient validation of the request...
Cross-site Request Forgery (CSRF) Vulnerabilities in sNews
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in sNews which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in sNews 1.1 The vulnerability exists due to insufficient validation of the request origin in...
Multiple vulnerabilities in TCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Target CMS TCMS, which could be exploited to perform cross-site scripting and SQL Injection attacks, read arbitrary files and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in TCMS 1.1 A...
Cross-site Scripting (XSS) Vulnerabilities in synType CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in synType CMS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in synType CMS The vulnerability exists due to input sanitation error in...
Multiple Vulnerabilities in webERP
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in webERP, which can be exploited to perform information disclosure, cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting XSS vulnerabilities in webERP Input appended to the URL in multiple files i...
Remote File Inclusion Vulnerability in ACal
High-Tech Bridge SA Security Research Lab has discovered vulnerability in ACal which could be exploited to compromise vulnerable system. 1 Remote file inclusion vulnerability in ACal Input passed to the "path" parameter in embed/day.php and embed/month.php scripts is not properly sanitized before...
Multiple Vulnerabilities in phpGraphy
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in phpGraphy which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in phpGraphy The vulnerability exists due to input sanitation error in th...
Cross-site Request Forgery (CSRF) Vulnerabilities in phpList
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in phpList which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in phpList 1.1 The vulnerability exists due to insufficient validation of the request origi...
Multiple Vulnerabilities in Dalbum
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Dalbum which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Dalbum The vulnerability exists due to input sanitation error in...
Installation Path Disclosure Weakness in Flatnux
High-Tech Bridge SA Security Research Lab has discovered a weakness in Flatnux which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Flatnux The weakness exists due to application reveals the full path to installation directory in...
Multiple Vulnerabilities in CompactCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CompactCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in CompactCMS 1.1 The vulnerability exists due to input sanitation error i...
Cross-site Request Forgery (CSRF) Vulnerabilities in Onyx
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Onyx which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Onyx 1.1 The vulnerability exists due to insufficient validation of the request origin in...
Cross-site Scripting (XSS) Vulnerability in Edit-X CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Edit-X CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Edit-X CMS The vulnerability exists due to input sanitation error in the "searchtext" parameter in...
Multiple Cross-site Scripting (XSS) Vulnerabilities in allinta CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in allinta CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in allinta CMS 1.1 The vulnerability exists due to input sanitation error in the "langURL"...
Cross-site Request Forgery (CSRF) Vulnerabilities in eFront
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eFront which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in eFront 1.1 The vulnerability exists due to insufficient validation of the request origin in...
Cross-site Scripting Vulnerabilities in Open-Realty
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open-Realty, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerabilities in Open-Realty 1.1 Input passed via the "name", "email", "friendemail", "subject", "message" POS...
Cross-site Scripting (XSS) Vulnerabilities in TTChat
High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in TTChat which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in TTChat The vulnerability exists due to input sanitation error in the "msg" parameter in default.ph...
Local File Inclusion Vulnerability in TeamCal Pro
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in TeamCal Pro which could be exploited to compromise vulnerable system. 1 Local file inclusion vulnerability in TeamCal Pro The vulnerability exists due to input sanitation error in the "lang" parameter in index.php. A remo...
Cross-site Scripting (XSS) Vulnerability in WonderCMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WonderCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WonderCMS The vulnerability exists due to input sanitation error in the "content" parameter in...
Script Insertion Vulnerabilities in ArtGK CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ArtGK CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in ArtGK CMS 1.1 Input passed to the "content" parameter in cms/classes/CForm.php is not properly sanitiz...
Cross-site Scripting (XSS) Vulnerability in MAXdev
High-Tech Bridge SA Security Research Lab has discovered vulnerability in MAXdev which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in MAXdev The vulnerability exists due to input sanitation error in the "sid" parameter in modules.php. A...
Cross-site Scripting (XSS) Vulnerability in Gekko Web Builderer
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Gekko Web Builder which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Gekko Web Builder The vulnerability exists due to input sanitation error in the "app" parameter...
Cross-site Scripting Vulnerabilities in Pretty Link WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pretty Link WordPress Plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Pretty Link WordPress Plugin 1.1 Input passed via the "mindate" GET...
Cross-site Request Forgery (CSRF) in VCalendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in VCalendar which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in VCalendar The vulnerability exists due to insufficient validation of the request origin in...
Cross-site Scripting (XSS) Vulnerability in WebCalendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WebCalendar which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WebCalendar The vulnerability exists due to input sanitation error in the "lastlogin" parameter in...
Cross-site Request Forgery (CSRF) in Feng Office
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Feng Office which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Feng Office The vulnerability exists due to insufficient validation of the request origin in index.php...
Multiple Vulnerabilities in Wikipad
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Wikipad which could be exploited to perform cross-site scripting and cross-site request forgery attacks and disclose potentially sensitive information. 1 Cross-site scripting XSS vulnerability in Wikipad The vulnerability...
Cross-site Request Forgery (CSRF) Vulnerabilities in BlogBird
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BlogBird which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in BlogBird 1.1 The vulnerability exists due to insufficient validation of the request origin in...
Cross-site Scripting (XSS) Vulnerability in Vosao CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Vosao CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Vosao CMS The vulnerability exists due to input sanitation error in the " id" parameter in...
Cross-site Scripting Vulnerabilities in eliteCMS
High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in eliteCMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting XSS vulnerabilities in eliteCMS 1.1 An input sanitation error was found in the "page" parameter in...
Multiple vulnerabilities in BugFree
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BugFree which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BugFree 1.1 Input passed via the "ActionType" GET parameter to Bug.php is not properly sanitis...
Cross-site Scripting (XSS) Vulnerabilities in PHP Calendar Basic
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHP Calendar Basic which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in PHP Calendar Basic 1.1 The vulnerability exists due to input sanitation errors in...
Cross-site Scripting (XSS) Vulnerability in BackupPC
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BackupPC which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BackupPC The vulnerability exists due to input sanitation error in multiple parameters in...
Multiple Vulnerabilities in RuubikCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in RuubikCMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in RuubikCMS 1.1 The vulnerability exists due to input sanitatio...
Script Insertion Vulnerabilities in Noah's Classifieds
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Noah's Classifieds which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Noah's Classifieds Input passed to the "col18", "description" and "titlePrefix" parameter in index.php i...
Cross-site Scripting (XSS) Vulnerability in Inline Gallery
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Inline Gallery WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Inline Gallery The vulnerability exists due to input sanitation error in the " do...