Multiple Vulnerabilities in SantaFox

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SantaFox which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in SantaFox: CVE-2010-3463 The vulnerability exists due to input...

Cross-site Request Forgery (CSRF) Vulnerabilities in Amiro.CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amiro.CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Amiro.CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

Cross-site Request Forgery (CSRF) Vulnerabilities in Rumba CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Rumba CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Rumba CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

Script Insertion Vulnerabilities in ArtGK CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ArtGK CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in ArtGK CMS 1.1 Input passed to the "content" parameter in cms/classes/CForm.php is not properly sanitiz...

Multiple vulnerabilities in TCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Target CMS TCMS, which could be exploited to perform cross-site scripting and SQL Injection attacks, read arbitrary files and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in TCMS 1.1 A...

Cross-site Request Forgery (CSRF) Vulnerabilities in Webmatic

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Webmatic which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Webmatic 1.1 The vulnerability exists due to insufficient validation of the request origin in...

XSS vulnerability in Auto CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Auto CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Auto CMS: CVE-2010-4882 The vulnerability exists due to input sanitation error in the "sitetitle"...

Multiple Vulnerabilities in CompuCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities CompuCMS, which could be exploited to perform cross-site scripting and SQL Injection attacks. 1 Cross-site scripting XSS vulnerabilities in CompuCMS 1.1 The vulnerability exists due to input sanitation error in the...

Directory Traversal Vulnerability in AutoFTP Manager

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AutoFTP Manager which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in AutoFTP Manager: CVE-2010-3104 The vulnerability exists due to insufficient sanitation of the...

Directory Traversal Vulnerability in 3D FTP Client

High-Tech Bridge SA Security Research Lab has discovered vulnerability in 3D FTP Client which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in 3D FTP Client: CVE-2010-3102 The vulnerability exists due to insufficient sanitation of the...

Cross-site Scripting (XSS) Vulnerability in MAXdev

High-Tech Bridge SA Security Research Lab has discovered vulnerability in MAXdev which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in MAXdev The vulnerability exists due to input sanitation error in the "sid" parameter in modules.php. A...

Directory Traversal Vulnerability in FTPGetter

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FTPGetter which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FTPGetter: CVE-2010-3103 The vulnerability exists due to insufficient sanitation of the downloaded...

Multiple Vulnerabilities in CMSimple

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CMSimple which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in CMSimple The vulnerability exists due to input sanitation...

Cross-site Request Forgery (CSRF) in pimcore

High-Tech Bridge SA Security Research Lab has discovered vulnerability in pimcore which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in pimcore The vulnerability exists due to insufficient validation of the request origin in...

Multiple Vulnerabilities in CMS Source

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CMS Source, which could be exploited to perform cross-site scripting and SQL Injection attacks and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in CMS Source 1.1 The vulnerability exis...

Cross-site Scripting (XSS) Vulnerabilities in eazyCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eazyCMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eazyCMS 1.1 The vulnerability exists due to input sanitation error in the "pageid" parameter...

XSS in i-Web Suite

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in i-Web Suite which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in i-Web Suite The vulnerability exists due to input sanitation error in th...

Directory Traversal Vulnerability in SoftX FTP Client

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SoftX FTP Client which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in SoftX FTP Client: CVE-2010-3096 The vulnerability exists due to insufficient sanitation of the...

Cross-site Request Forgery (CSRF) Vulnerabilities in Mystic

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Mystic which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Mystic 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Cross-site Request Forgery (CSRF) Vulnerabilities in Onyx

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Onyx which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Onyx 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Cross-site Scripting (XSS) Vulnerability in Edit-X CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Edit-X CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Edit-X CMS The vulnerability exists due to input sanitation error in the "searchtext" parameter in...

SQL Injection Vulnerability in SyntaxCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SyntaxCMS which could be exploited to execute arbitrary SQL commands in applications database. 1 SQL injection vulnerability in SyntaxCMS An input validation error exists in the "rowsperpage" parameter in...

Multiple Cross-site Scripting (XSS) Vulnerabilities in allinta CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in allinta CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in allinta CMS 1.1 The vulnerability exists due to input sanitation error in the "langURL"...

Script Insertion Vulnerability in Eden Platform

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Eden Platform which could be exploited to perform script insertion attacks. 1 Script insertion vulnerabilities in Eden Platform Input passed to multiple parameters in testimonials/admin/list is not properly sanitized A remo...

Multiple Vulnerabilities in DT Centrepiece

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DT Centrepiece which could be exploited to perform cross-site scripting attacks and bypass certain security restrictions. 1 Cross-site scripting XSS vulnerabilities in DT Centrepiece 1.1 The vulnerability exists...

Directory Traversal Vulnerability in FTP Rush

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FTP Rush which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FTP Rush: CVE-2010-3098 The vulnerability exists due to insufficient sanitation of the downloaded...

Cross-site Request Forgery (CSRF) in Open blog

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open blog which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery vulnerabilities in Open blog: CVE-2010-3025 1.1 The vulnerability exists due to insufficient validati...

Cross-site Scripting (XSS) Vulnerability in SiteLoom CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SiteLoom CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in SiteLoom CMS The vulnerability exists due to input sanitation error in the "mailform1" parameter in...

Multiple Vulnerabilities in Amethyst

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amethyst which could be exploited to perform cross-site scripting, script insertion and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Amethyst The vulnerability exists due to inp...

Multiple Vulnerabilities in DiamondList

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DiamondList which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in DiamondList: CVE-2010-3023 1.1 The vulnerability exists due...

Directory Traversal Vulnerability in FTP Explorer

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FTP Explorer which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FTP Explorer: CVE-2010-3101 The vulnerability exists due to insufficient sanitation of the...

Multiple Vulnerabilities in BXR

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BXR which could be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in BXR 1.1 The vulnerability exists due to input...

Directory Traversal Vulnerability in Frigate 3 FTP Client

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Frigate 3 built-in FTP client which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in Frigate 3 FTP Client: CVE-2010-3097 The vulnerability exists due to insufficient...

Cross-site Scripting (XSS) Vulnerability in Prado Portal

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Prado Portal which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Prado Portal: CVE-2010-4958 The vulnerability exists due to input sanitation error in the "page"...

Directory Traversal Vulnerability in SmartFTP

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SmartFTP which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in SmartFTP: CVE-2010-3099 The vulnerability exists due to insufficient sanitation of the downloaded...

Directory Traversal Vulnerability in TurboFTP Client

High-Tech Bridge SA Security Research Lab has discovered vulnerability in TurboFTP Client which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in TurboFTP Client The vulnerability exists due to insufficient sanitation of the downloaded...

Directory Traversal Vulnerability in FTP Commander

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FTP Commander, FTP Commander Pro and FTP Commander Deluxe which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FTP Commander The vulnerability exists due to...

Directory Traversal Vulnerability in TurboFTP Server

High-Tech Bridge SA Security Research Lab has discovered vulnerability in TurboFTP Server which could be exploited to delete or execute arbitrary files on vulnerable system. 1 Directory Traversal Vulnerability in TurboFTP Server The vulnerability exists due to insufficient sanitation of the...

Directory Traversal Vulnerability in 32bit FTP Client

High-Tech Bridge SA Security Research Lab has discovered vulnerability in 32bit FTP Client which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in 32bit FTP Client The vulnerability exists due to insufficient sanitation of the downloaded...

Cross-site Scripting (XSS) Vulnerabilities in Campsite

High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in Campsite which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Campsite 1.1 The vulnerability exists due to input sanitation error in the "fcommentsearch"...

Multiple Vulnerabilities in Theeta CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Theeta CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting vulnerabilities XSS in Theeta CMS 1.1 The vulnerability exists due to input sanitation error i...

Cross-site Request Forgery (CSRF) Vulnerabilities in SyndeoCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SyndeoCMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in SyndeoCMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

Multiple Cross-site Scripting (XSS) Vulnerabilities in Spitfire

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Spitfire 1.1 The vulnerability exists due to input sanitation error in the "cmsid" and...

Cross-site Scripting (XSS) Vulnerability in DSite CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DSite CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in DSite CMS The vulnerability exists due to input sanitation error in the "buttonname" parameter in...

Cross-site Request Forgery (CSRF) Vulnerabilities in FestOS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in FestOS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in FestOS 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Cross-site Scripting (XSS) Vulnerability in Gekko Web Builderer

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Gekko Web Builder which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Gekko Web Builder The vulnerability exists due to input sanitation error in the "app" parameter...

Cross-site Scripting (XSS) Vulnerabilities in WebPress

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in WebPress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in WebPress 1.1 The vulnerability exists due to input sanitation error in the "idnummod" parameter in...

Cross-site Scripting (XSS) Vulnerability in Pligg CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Pligg CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Pligg CMS The vulnerability exists due to input sanitation error in the "search" parameter in...

Cross-site Scripting (XSS) Vulnerability in Taggon CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Taggon CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Taggon CMS The vulnerability exists due to input sanitation error in the multiple parameters in...

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...