559 matches found
Multiple Vulnerabilities in MantisBT
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in MantisBT which could be exploited to perform cross-site scripting attacks, gain access to sensitive information and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in MantisBT:...
Buffer Overflow in HP Device Access Manager for Protect Tools Information Store
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in HP Device Access Manager for Protect Tools Information Store which could be exploited to compromise vulnerable system. 1 Buffer overflow in HP Device Access Manager for Protect Tools Information Store: CVE-2011-4162 The...
Multiple Vulnerabilities in SiT! Support Incident Tracker
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in SiT! Support Incident...
Cross-site Scripting (XSS) Vulnerabilities in XOOPS
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in XOOPS which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerabilities in XOOPS: CVE-2011-4565 The vulnerability exists due to input sanitation error in the...
Multiple vulnerabilities in Help Desk Software
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Help Desk Software, which can be exploited to perform SQL injection, cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting vulnerabilities in Help Desk Software Input passed via the...
Cross-site Scripting (XSS) Vulnerability in Zikula Application Framework
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zikula Application Framework, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Zikula Application Framework Input passed via the "themename" parameter to...
Cross-site Scripting (XSS) Vulnerability WP Events Calendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WP Events Calendar, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP Events Calendar Input passed via the "ECid" GET parameter to /wp-admin/admin.php when "page"...
Cross-site Scripting (XSS) Vulnerability in Redirection WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Redirection WordPress Plugin which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Redirection WordPress Plugin Input passed via the "id" GET parameter to...
Cross-site Scripting (XSS) Vulnerabilities in WP-Stats-Dashboard
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in WP-Stats-Dashboard which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in WP-Stats-Dashboard 1.1 The vulnerability exists due to input sanitation error in...
Cross-site Scripting (XSS) Vulnerability in Fast Secure Contact Form
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Fast Secure Contact Form wordpress plugin, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Fast Secure Contact Form WordPress Plugin Input appended to the URL afte...
Cross-site Scripting (XSS) Vulnerabilities in eShop for Wordpress
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eShop for Wordpress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eShop for Wordpress 1.1 The vulnerability exists due to input sanitation error i...
SQL injection in Social Slider
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Social Slider, which can be exploited to perform SQL injection attacks. 1 SQL Injection Vulnerability in Social Slider Input passed via the "rA" POST parameter to /wp-content/plugins/social-slider-2/ajax.php is not properly...
Cross-site Scripting (XSS) Vulnerability in WP e-Commerce
High-Tech Bridge SA Security Research Lab has discovered vulnerability in WP e-Commerce, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WP e-Commerce Input passed via the cartmessages parameter to...
Cross-site Scripting (XSS) Vulnerabilities in HESK
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in HESK which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in HESK 1.1 The vulnerability exists due to input sanitation error in the "hesksettingstmptitle" a...
Open Redirect Weakness in MBoard
High-Tech Bridge SA Security Research Lab has discovered weakness in MBoard which could be exploited to perform phishing attacks. 1 Open redirect weakness in MBoard The weakness exists due to insufficient validation of the input data in the "url" parameter in go.php when redirecting users to...
Cross-site Scripting (XSS) Vulnerabilities in GBook PHP guestbook
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in GBook PHP guestbook which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in GBook PHP guestbook The vulnerability exists due to input sanitation error in th...
Cross-site Scripting (XSS) Vulnerability in Tiki Wiki CMS Groupware
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Tiki Wiki CMS Groupware, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware Input passed via the GET "ajax" parameter to snarfajax.php is not...
Paltalk Messenger ActiveX Control Multiple Insecure Methods
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Paltalk Messenger, which can be exploited to overwrite arbitrary files. 1 Insecure methods in Paltalk Messenger ActiveX Control 1.1 The vulnerability is caused due to the Office Viewer ActiveX control Oa.ocx...
IDrive Online Backup ActiveX control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered vulnerability in IDrive Online Backup ActiveX control, which can be exploited to overwrite arbitrary files. 1 Insecure method in IDrive Online Backup ActiveX Control The vulnerability is caused due to the UniBasicPack.UniTextBox...
StudioLine Photo Basic 3 ActiveX control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in StudioLine Photo Basic 3 ActiveX control, which can be exploited to overwrite arbitrary files. 1 Insecure method in StudioLine Photo Basic 3 ActiveX control The vulnerability is caused due to the NMSDVDX.DVDEngineX.1...
Multiple Vulnerabilities in ThreeDify Designer ActiveX Control
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ThreeDify Designer ActiveX Control which could be exploited to compromise vulnerable system. 1 Buffer overflow vulnerabilities in ThreeDify Designer ActiveX Control 1.1 Boundary error exists in the "cmdExport"...
Cross-site Scripting Vulnerabilities in Open-Realty
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open-Realty, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerabilities in Open-Realty 1.1 Input passed via the "name", "email", "friendemail", "subject", "message" POS...
Cross-site Scripting (XSS) Vulnerability in FlatPress
High-Tech Bridge SA Security Research Lab has discovered vulnerability in FlatPress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in FlatPress The vulnerability exists due to input sanitation error in the "name", "email" and "url"...
Ashampoo 3D CAD Professional 3 ActiveX control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Ashampoo 3D CAD Professional 3 ActiveX control which could be exploited to compromise vulnerable system. 1 Insecure method in Ashampoo 3D CAD Professional 3 ActiveX Control The vulnerability is caused due to the...
Easewe FTP ActiveX Control Multiple Insecure Methods
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Easewe FTP OCX ActiveX Control, which can be exploited to potentially compromise a user's system. 1 Insecure methods in Easewe FTP ActiveX Control 1.1 The vulnerability is caused due to the EaseWeFtp.FtpLibrary...
Insecure Method in aTube Catcher ActiveX Control
High-Tech Bridge SA Security Research Lab has discovered vulnerability in aTube Catcher ActiveX Control which could be exploited to perform denial of service attacks. 1 Insecure method in aTube Catcher ActiveX Control The vulnerability exists due to existence of insecure method SaveDecrypted in t...
Cross-site Scripting (XSS) Vulnerability in FanUpdate
High-Tech Bridge SA Security Research Lab has discovered vulnerability in FanUpdate which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in FanUpdate The vulnerability exists due to input sanitation error in the "pageTitle" parameter in...
Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method
High-Tech Bridge SA Security Research Lab has discovered a vulnerability in Kofax e-Transactions Sender Sendbox, which can be exploited to overwrite arbitrary files. 1 Insecure method in Kofax e-Transactions Sender Sendbox ActiveX Control The vulnerability is caused due to the LEADeMail.LEADSmtp....
Multiple Vulnerabilities in miniblog
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in miniblog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in miniblog 1.1 The vulnerability exists due to input sanitation error i...
Buffer Overflow Vulnerability in Gogago YouTube Video Converter ActiveX Control
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Gogago YouTube Video Converter ActiveX Control which could be exploited to compromise vulnerable system. 1 Buffer Overflow Vulnerability in Gogago YouTube Video Converter ActiveX Control Boundary error exists in the...
Cross-site Scripting Vulnerabilities in N-13 News
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in N-13 News, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerabilities in N-13 News 1.1 Input passed via the GET "id" parameter to index.php is not properly sanitised...
Cross-site Request Forgery in e107
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in e107 which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in e107 The vulnerability exists due to insufficient verification of the request origin in...
Multiple Vulnerabilities in Free Simple CMS
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in Free Simple CMS which could be exploited to perform cross-site scripting attacks and compromise vulnerable system. 1 Cross-site scripting XSS vulnerabilities in Free Simple CMS 1.1 The vulnerability exists due to input...
Multiple Vulnerabilities in LoudBlog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LoudBlog which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in LoudBlog The vulnerability exists due to input sanitation error in the "id"...
Cross-site Scripting (XSS) Vulnerability in Happy Chat
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Happy Chat which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Happy Chat The vulnerability exists due to input sanitation error in the "nick" parameter in...
Cross-site Scripting (XSS) Vulnerabilities in TTChat
High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in TTChat which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in TTChat The vulnerability exists due to input sanitation error in the "msg" parameter in default.ph...
Multiple Vulnerabilities in A Really Simple Chat (ARSC)
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in A Really Simple Chat ARSC which could be exploited to perform cross-site scripting, cross-site request forgery and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in A Really Simple Chat ARSC:...
Cross-site Scripting (XSS) Vulnerability in Ajax Chat
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Ajax Chat which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Ajax Chat The vulnerability exists due to input sanitation error in the "chatpath" parameter in...
SQL Injection Vulnerability in ExtCalendar 2
High-Tech Bridge SA Security Research Lab has discovered vulnerability in ExtCalendar 2 which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in ExtCalendar 2 The vulnerability exists due to input sanitation errors in the "search" parameter in calsearch.php. A...
Local File Inclusion Vulnerability in TeamCal Pro
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in TeamCal Pro which could be exploited to compromise vulnerable system. 1 Local file inclusion vulnerability in TeamCal Pro The vulnerability exists due to input sanitation error in the "lang" parameter in index.php. A remo...
Cross-site Scripting (XSS) Vulnerabilities in phpScheduleIt
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in phpScheduleIt which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in phpScheduleIt 1.1 The vulnerability exists due to input sanitation errors in URL in th...
SQL Injection Vulnerability in SuperCali PHP Event Calendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in SuperCali PHP Event Calendar which could be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in SuperCali PHP Event Calendar The vulnerability exists due to input sanitation errors in the "categoryi...
Cross-site Scripting (XSS) Vulnerabilities in PHP Calendar Basic
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHP Calendar Basic which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in PHP Calendar Basic 1.1 The vulnerability exists due to input sanitation errors in...
Remote File Inclusion Vulnerability in ACal
High-Tech Bridge SA Security Research Lab has discovered vulnerability in ACal which could be exploited to compromise vulnerable system. 1 Remote file inclusion vulnerability in ACal Input passed to the "path" parameter in embed/day.php and embed/month.php scripts is not properly sanitized before...
Cross-site Request Forgery (CSRF) in Open Classifieds
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Open Classifieds which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Open Classifieds The vulnerability exists due to insufficient validation of the request origin in...
Cross-site Request Forgery (CSRF) Vulnerabilities in Argyle Social
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Argyle Social which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in Argyle Social 1.1 The vulnerability exists due to insufficient validation...
Cross-site Scripting (XSS) Vulnerabilities in Calendarix
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Calendarix which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Calendarix 1.1 The vulnerability exists due to input sanitation errors in URL in...
Multiple Vulnerabilities in poMMo
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in poMMo which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in poMMo 1.1 The vulnerability exists due to input sanitation erro...
Cross-site Scripting (XSS) Vulnerability in AJAX Calendar
High-Tech Bridge SA Security Research Lab has discovered vulnerability in AJAX Calendar which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AJAX Calendar The vulnerability exists due to input sanitation error in the "y" parameter in...
Cross-site Scripting (XSS) Vulnerability in PHP Directory Listing Script
High-Tech Bridge SA Security Research Lab has discovered vulnerability in PHP Directory Listing Script which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in PHP Directory Listing Script The vulnerability exists due to input sanitation error ...