559 matches found
Cross-site Scripting (XSS) Vulnerability in WP Photo Album
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WP Photo Album which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP Photo Album The vulnerability exists due to input sanitation error in the "id" parameter in...
Path Disclosure Weakness in 4images
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in 4images which could be exploited to disclose potentially sensitive information. 1 Path disclosure weakness in 4images The weakness is caused by incorrect handling of exceptions in includes/pageheader.php and...
Multiple Vulnerabilities in Ripe website manager
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Ripe website manager which could be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Ripe website manager The...
Cross-site Scripting (XSS) Vulnerability in WPTouch Wordpress Plugin
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WPTouch Wordpress Plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WPTouch Wordpress Plugin: CVE-2010-4779 The vulnerability exists due to input sanitation...
SQL injection Vulnerability in IceBB
High-Tech Bridge SA Security Research Lab has discovered vulnerability in IceBB which could be exploited to perform SQL injection attacks. 1 The vulnerability exists due to input sanitation errors in the "gmt" parameter in index.php. A remote attacker can send a specially crafted HTTP request to...
Multiple Vulnerabilities in Entrans
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Entrans which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in Entrans: CVE-2010-4932 The vulnerability exists due to input sanitation erro...
Cross-site Request Forgery (CSRF) in Serendipity
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Serendipity which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in Serendipity: CVE-2010-2957 The vulnerability exists due to insufficient validation of the request orig...
Cross-site Request Forgery (CSRF) Vulnerabilities in Rumba CMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Rumba CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Rumba CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...
Directory Traversal Vulnerability in AutoFTP Manager
High-Tech Bridge SA Security Research Lab has discovered vulnerability in AutoFTP Manager which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in AutoFTP Manager: CVE-2010-3104 The vulnerability exists due to insufficient sanitation of the...
Cross-site Scripting (XSS) Vulnerabilities in eazyCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eazyCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eazyCMS 1.1 The vulnerability exists due to input sanitation error in the "pageid" parameter...
Cross-site Scripting (XSS) Vulnerability in osCSS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in osCSS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in osCSS: CVE-2010-2856 The vulnerability exists due to input sanitation error in the "page" parameter in...
Cross-site Scripting (XSS) Vulnerabilities in Scribe CMS
High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in Scribe CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Scribe CMS 1.1 The vulnerability exists due to input sanitation error in the “f” parameter in...
Cross-site Scripting (XSS) Vulnerability in log1CMS
High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in log1CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in log1CMS The vulnerability exists due to input sanitation error in the HTTP POST parameter "content"...
Cross-site Scripting (XSS) Vulnerability in moziloCMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in moziloCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in moziloCMS The vulnerability exists due to input sanitation error in the HTTP POST parameter "pageconten...
Cross-site request forgery (CSRF) in e107
High-Tech Bridge SA Security Research Lab has discovered two CSRF vulnerabilities in e107 which could allow a remote attacker to execute arbitrary SQL commands in applications database and gain complete control over the application. 1 Cross-site request forgery in e107 1.1 The vulnerability is...
SQL Injection in Е2
High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in Е2, which can be exploited to perform SQL injection attacks and gain control over the vulnerable application. 1 SQL Injection in Е2: CVE-2014-4736 The vlnerability exists due to insufficient sanitization of input dat...
SQL Injection in mAdserve
High-Tech Bridge Security Research Lab discovered multiple SQL injection vulnerabilities in mAdserve, which can be exploited to execute arbitrary SQL commands in application’s database and compromise vulnerable website. 1 SQL Injection in mAdserve: CVE-2014-2654 1.1 The vulnerability exists due t...
Multiple vulnerabilities in ocPortal
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ocPortal, which can be exploited to perform Cross-Site Scripting XSS and Arbitrary File Disclosure attacks. 1 Multiple Cross-Site Scripting XSS in ocPortal: CVE-2012-1470 1.1 Input passed via the "path" and "line...
Multiple vulnerabilities in Efront
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Efront, which can be exploited to perform SQL injection and cross-site scripting attacks. 1 Cross-Site scripting XSS vulnerabilities in Efront 1.1 Input passed via the "course" GET parameter to index.php is not...
Cross-site Scripting (XSS) Vulnerability in Fast Secure Contact Form
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Fast Secure Contact Form wordpress plugin, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Fast Secure Contact Form WordPress Plugin Input appended to the URL afte...
Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Kofax e-Transactions Sender Sendbox, which can be exploited to overwrite arbitrary files. 1 Insecure method in Kofax e-Transactions Sender Sendbox ActiveX Control The vulnerability is caused due to the LEADeMail.LEADSmtp....
Cross-site Scripting (XSS) Vulnerability in Ajax Chat
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Ajax Chat which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Ajax Chat The vulnerability exists due to input sanitation error in the "chatpath" parameter in...
Cross-site Request Forgery (CSRF) Vulnerabilities in SelectaPix Image Gallery
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SelectaPix Image Gallery which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in SelectaPix Image Gallery 1.1 The vulnerability exists due to...
Multiple Vulnerabilities in RunCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in RunCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in RunCMS The vulnerability exists due to input sanitation error in the "rc2user...
Local File Inclusion Vulnerability in Novaboard
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Novaboard which could be exploited to include and execute arbitrary local files on the target system. 1 Local file inclusion in Novaboard Input passed to the "novalang" cookie in index.php is not properly sanitized before...
Cross-site Scripting (XSS) Vulnerability in Pluck
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Pluck which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Pluck The vulnerability exists due to input sanitation error in the "cont1" parameter in...
Multiple Vulnerabilities in AContent
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in AContent which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in AContent 1.1 The vulnerability exists due to input sanitatio...
XSS vulnerability in Auto CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Auto CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Auto CMS: CVE-2010-4882 The vulnerability exists due to input sanitation error in the "sitetitle"...
Multiple Vulnerabilities in DT Centrepiece
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DT Centrepiece which could be exploited to perform cross-site scripting attacks and bypass certain security restrictions. 1 Cross-site scripting XSS vulnerabilities in DT Centrepiece 1.1 The vulnerability exists...
Multiple Vulnerabilities in Amethyst
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amethyst which could be exploited to perform cross-site scripting, script insertion and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Amethyst The vulnerability exists due to inp...
Cross-site Scripting (XSS) Vulnerabilities in Diem
High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in Diem which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Diem 1.1 The vulnerability exists due to input sanitation error in the "value" parameter in page...
Cross-site Scripting (XSS) Vulnerabilities in CruxPA
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...
Cross-site Scripting (XSS) Vulnerability in CompactCMS
High-Tech Bridge SA Security Research Lab has discovered vulnerability in CompactCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in CompactCMS The vulnerability exists due to input sanitation error in the "keywords" parameter in...
Multiple Vulnerabilities in DBHcms
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DBHcms which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in DBHcms 1.1 The vulnerability exists due to input sanitation error in the...
Cross-site Scripting (XSS) Vulnerability in Limny
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Limny which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Limny The vulnerability exists due to input sanitation error in the " q" parameter in...
Cross-site Scripting (XSS) Vulnerability in Jamroom
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Jamroom which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Jamroom: CVE-2010-2463 The vulnerability exists due to input sanitation error in the "postid" parameter i...
Multiple vulnerabilities in AdaptCMS Lite
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in AdaptCMS Lite which could be exploited to perform cross-site request forgery and cross-site scripting attacks. 1 Cross-site request forgery CSRF in AdaptCMS Lite The vulnerability exists due to insufficient...
Multiple vulnerabilities in Help Desk Software
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Help Desk Software, which can be exploited to perform SQL injection, cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting vulnerabilities in Help Desk Software Input passed via the...
Insecure Method in aTube Catcher ActiveX Control
High-Tech Bridge SA Security Research Lab has discovered vulnerability in aTube Catcher ActiveX Control which could be exploited to perform denial of service attacks. 1 Insecure method in aTube Catcher ActiveX Control The vulnerability exists due to existence of insecure method SaveDecrypted in t...
Cross-site Scripting (XSS) Vulnerability in AJAX Calendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in AJAX Calendar which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AJAX Calendar The vulnerability exists due to input sanitation error in the "y" parameter in...
Multiple Vulnerabilities in Viscacha
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Viscacha which could be exploited to perform cross-site scripting attacks and disclose potentially sensitive information. 1 Cross-site scripting XSS vulnerabilities in Viscacha 1.1 The vulnerability exists due to...
Cross-site Scripting (XSS) Vulnerability in Spitfire
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Spitfire The vulnerability exists due to input sanitation error in the " cmsusername " cookie in...
Multiple Vulnerabilities in Lazyest Gallery
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Lazyest Gallery which could be exploited to perform cross-site scripting attacks and disclose potentially sensitive information. 1 Cross-site scripting XSS vulnerability in Lazyest Gallery The vulnerability exists due to...
Multiple Vulnerabilities in IWantOneButton WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in IWantOneButton WordPress Plugin which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in IWantOneButton WordPress Plugin The vulnerability...
SQL Injection Vulnerabilities in Seo Panel
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Seo Panel which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerabilities in Seo Panel 1.1 The vulnerability exists due to input sanitation errors in the "langcode" parameter in...
Multiple Vulnerabilities in ViArt Shop
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ViArt Shop which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in ViArt Shop The vulnerability exists due to input sanitation...
Cross-site Request Forgery (CSRF) in Cambio
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Cambio which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Cambio The vulnerability exists due to insufficient validation of the request origin in...
Multiple Vulnerabilities in KaiBB
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in KaiBB which could be exploited to perform script insertions and SQL injection attacks. 1 Script insertion vulnerability in KaiBB Input passed to the "url" BBCode tag is not properly sanitized. A remote attacker c...
Multiple Vulnerabilities in Energine
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Energine which could be exploited to perform cross-site request forgery and SQL injection attacks. 1 Cross-site request forgery CSRF in in Energine The vulnerability exists due to insufficient validation of the...
Multiple Vulnerabilities in PluXml
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PluXml which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in PluXml 1.1 The vulnerability exists due to input sanitation...