559 matches found
Cross-site Scripting (XSS) Vulnerabilities in Photopad
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Photopad which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Photopad: CVE-2011-1063 1.1 The vulnerability exists due to input sanitation errors in the...
Local File Inclusion Vulnerability in LightNEasy CMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in LightNEasy CMS which could be exploited to include and execute arbitrary local files on the target system. 1 Local file inclusion in LightNEasy CMS Input passed to the "setlanguage" variable in addons/contact/main.php is no...
Multiple Vulnerabilities in HTML-EDIT CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in HTML-EDIT CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in HTML-EDIT CMS: CVE-2010-4610 The vulnerability exists due to input...
Multiple Vulnerabilities in Wolf CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Wolf CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Wolf CMS The vulnerability exists due to input sanitation erro...
Multiple Vulnerabilities in Frog CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Frog CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Frog CMS 1.1 The vulnerability exists due to input sanitation...
Directory Traversal Vulnerability in Robo-FTP
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Robo-FTP which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in Robo-FTP: CVE-2010-4095 The vulnerability exists due to insufficient sanitation of the downloaded...
SQL Injection Vulnerability in SyntaxCMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in SyntaxCMS which could be exploited to execute arbitrary SQL commands in the application's database. 1 SQL injection vulnerability in SyntaxCMS An input validation error exists in the "rowsperpage" parameter in...
Directory Traversal Vulnerability in FTP Commander
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in FTP Commander, FTP Commander Pro and FTP Commander Deluxe which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in FTP Commander The vulnerability exists due to...
Cross-site Scripting (XSS) Vulnerabilities in PortalApp
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PortalApp which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in PortalApp 1.1 The vulnerability exists due to input sanitation error in multiple parameters ...
Cross-site request forgery (CSRF) in ocPortal
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in ocPortal which could be exploited to perform CSRF attacks. 1 Cross-site request forgery CSRF ocPortal The vulnerability exists due to insufficient validation of the request origin in /site/index.php. A remote attacker can...
Multiple Vulnerabilities in NPDS REvolution
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in NPDS REvolution which could be exploited to perform cross-site scripting XSS, script insertion and CSRF attacks and execute arbitrary SQL commands in the application's database. 1 Cross-site scripting vulnerabilities ...
XSS in EasyPublish CMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in EasyPublish CMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in EasyPublish CMS Input passed via the URL to /index.php is not properly sanitized before being...
Reflected Cross-Site Scripting (XSS) in Jamroom
High-Tech Bridge Security Research Lab discovered a vulnerability in Jamroom, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Reflected Cross-Site Scripting XSS in Jamroom: CVE-2014-5098 The vulnerability exists due to insufficient sanitization of user-supplied data after the...
Cross-site Scripting (XSS) Vulnerabilities in epesi BIM
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in epesi BIM which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in epesi BIM 1.1 The vulnerability exists due to input sanitation error in the "diratual"...
Cross-site Scripting (XSS) Vulnerability WP Events Calendar
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in WP Events Calendar, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP Events Calendar Input passed via the "ECid" GET parameter to /wp-admin/admin.php when "page"...
Cross-site Scripting (XSS) Vulnerability in WP e-Commerce
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in WP e-Commerce, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP e-Commerce Input passed via the cartmessages parameter to...
Cross-site Scripting (XSS) Vulnerability in (e)2 interactive Photo Gallery
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in e2 interactive Photo Gallery which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in e2 interactive Photo Gallery The vulnerability exists due to input sanitation error ...
Multiple Vulnerabilities in WebAsyst Shop-Script
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WebAsyst Shop-Script which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in WebAsyst Shop-Script 1.1 The vulnerability exist...
Multiple Vulnerabilities in Pixelpost
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixelpost which could be exploited to perform cross-site scripting attacks and disclose potentially sensitive information. 1 Cross-site scripting vulnerability in Pixelpost The vulnerability exists due to input...
Cross-site Request Forgery (CSRF) in CMScout
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in CMScout which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in CMScout The vulnerability exists due to insufficient validation of the request origin in admin.php. A remo...
Multiple Vulnerabilities in Zomplog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zomplog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Zomplog 1.1 The vulnerability exists due to input sanitation...
Directory Traversal Vulnerability in FTP Voyager
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in FTP Voyager which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in FTP Voyager: CVE-2010-4154 The vulnerability exists due to insufficient sanitation of the downloade...
Cross-site Scripting (XSS) Vulnerabilities in Lantern CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Lantern CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Lantern CMS 1.1 The vulnerability exists due to input sanitation error in the "signupemail...
Cross-site Request Forgery (CSRF) Vulnerabilities in Webmatic
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Webmatic which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Webmatic 1.1 The vulnerability exists due to insufficient validation of the request origin in...
Directory Traversal Vulnerability in SmartFTP
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in SmartFTP which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in SmartFTP: CVE-2010-3099 The vulnerability exists due to insufficient sanitation of the downloaded...
Directory Traversal Vulnerability in FTP Rush
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in FTP Rush which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in FTP Rush: CVE-2010-3098 The vulnerability exists due to insufficient sanitation of the downloaded...
Cross-site Scripting (XSS) Vulnerability in SiteLoom CMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in SiteLoom CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in SiteLoom CMS The vulnerability exists due to input sanitation error in the "mailform1" parameter in...
SQL Injection Vulnerability in TomatoCMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in TomatoCMS which could be exploited to execute arbitrary SQL commands in the application's database. 1 SQL injection vulnerability in TomatoCMS An input validation error exists in the "q" parameter in /news/search. A remote...
Multiple SQL Injection vulnerabilities in ClipBucket
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in ClipBucket, which can be exploited to perform SQL Injection attacks. 1 Multiple SQL Injections in ClipBucket: CVE-2012-5849 1.1 The vulnerability exists due to improper sanitation of input in multiple parameters within...
Multiple vulnerabilities in web@all
High-Tech Bridge Security Research Lab has discovered multiple vulnerabilities in web@all, which can be exploited to perform Cross-Site Request Forgery CSRF and Cross-Site Scripting XSS attacks. 1 Cross-Site Request Forgery CSRF in web@all: CVE-2012-3231 1.1 The application allows authorized...
StudioLine Photo Basic 3 ActiveX control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in StudioLine Photo Basic 3 ActiveX control, which can be exploited to overwrite arbitrary files. 1 Insecure method in StudioLine Photo Basic 3 ActiveX control The vulnerability is caused due to the NMSDVDX.DVDEngineX.1...
Cross-site Scripting (XSS) Vulnerabilities in Calendarix
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Calendarix which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Calendarix 1.1 The vulnerability exists due to input sanitation errors in URL in...
Installation Path Disclosure weakness in Tine 2.0
High-Tech Bridge SA Security Research Lab has discovered a weakness in Tine 2.0 which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Tine 2.0: CVE-2011-1666 The weakness exists because the application reveals the full path to...
Installation Path Disclosure Weakness in Tribiq CMS | HTB22857
High-Tech Bridge SA Security Research Lab has discovered a weakness in Tribiq CMS which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Tribiq CMS: CVE-2011-2727 The weakness exists because the application reveals the full path to...
Multiple Vulnerabilities in Podcast Generator
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Podcast Generator which could be exploited to perform cross-site scripting attacks, disclose potentially sensitive information and compromise vulnerable system. 1 Cross-site scripting vulnerability in Podcast...
Cross-site Request Forgery (CSRF) Vulnerabilities in PHP MicroCMS
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in PHP MicroCMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in PHP MicroCMS 1.1 The vulnerability exists due to insufficient validation of the...
SQL Injection Vulnerability in Phenotype CMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Phenotype CMS which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in Phenotype CMS: CVE-2011-0407 The vulnerability exists due to input sanitation errors in the URL. A remote attacker ca...
Multiple Vulnerabilities in Etomite
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Etomite which could be exploited to perform cross-site scripting and SQL injection attacks and gain access to sensitive information. 1 Cross-site scripting XSS vulnerability in Etomite The vulnerability exists du...
Authentication Bypass Vulnerability in phpLiterAdmin
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in phpLiterAdmin which could be exploited to bypass the authentication mechanism and gain unauthorized access to the application. 1 Authentication Bypass Vulnerability in phpLiterAdmin The vulnerability exists due to a design erro...
Directory Traversal Vulnerability in FTPGetter
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in FTPGetter which could be exploited to execute arbitrary code on a vulnerable system. 1 Directory Traversal Vulnerability in FTPGetter: CVE-2010-3103 The vulnerability exists due to insufficient sanitation of the downloaded...
Multiple Vulnerabilities in Theeta CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Theeta CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting vulnerabilities XSS in Theeta CMS 1.1 The vulnerability exists due to input sanitation error i...
Multiple Vulnerabilities in Gazelle CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Gazelle CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Gazelle CMS The vulnerability exists due to input sanitatio...
Cross-site Scripting Vulnerability in razorCMS
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in razorCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in razorCMS: CVE-2010-5051 The vulnerability exists due to input sanitation error in the "content" paramete...
Multiple Vulnerabilities in gpEasy CMS
High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in gpEasy CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting vulnerability in gpEasy CMS: CVE-2010-2038 The vulnerability exists due to input...
Cross-site Scripting (XSS) Vulnerability in Advanced Poll
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Advanced Poll which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in Advanced Poll: CVE-2010-2003 An input sanitation error was found in the "mysqlhost" parameter in...
Multiple vulnerabilities in Browser CRM
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Browser CRM, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting in Browser CRM 1.1 Input appended to the URL after multiple files is not properly sanitised...
Multiple vulnerabilities in Dolibarr
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Dolibarr, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site scripting vulnerability in Dolibarr: CVE-2011-4814 1.1 Input appended to the URL after multiple files is not...
Cross-site Scripting (XSS) Vulnerability in Redirection WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Redirection WordPress Plugin which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Redirection WordPress Plugin Input passed via the "id" GET parameter to...
Cross-site Scripting (XSS) Vulnerabilities in HESK
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in HESK which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in HESK 1.1 The vulnerability exists due to input sanitation error in the "hesksettingstmptitle" a...
Easewe FTP ActiveX Control Multiple Insecure Methods
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Easewe FTP OCX ActiveX Control, which can be exploited to potentially compromise a user's system. 1 Insecure methods in Easewe FTP ActiveX Control 1.1 The vulnerability is caused due to the EaseWeFtp.FtpLibrary...