Installation Path Disclosure Weakness in Enano CMS

High-Tech Bridge SA Security Research Lab has discovered a weakness in Enano CMS which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Enano CMS: CVE-2010-4781 The weakness exists due to application reveals the full path to...

Multiple Vulnerabilities in Eclime

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Eclime which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in Eclime: CVE-2010-4852 The vulnerability exists due to input sanitation error ...

Multiple Vulnerabilities in DynPG

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DynPG which could be exploited to perform SQL injection attacks, disclose potentially sensitive information and compromise vulnerable system. 1 Installation path disclosure weakness in in DynPG: CVE-2010-4401 The...

Cross-site Scripting (XSS) Vulnerability in WPTouch Wordpress Plugin

High-Tech Bridge SA Security Research Lab has discovered vulnerability in WPTouch Wordpress Plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in WPTouch Wordpress Plugin: CVE-2010-4779 The vulnerability exists due to input sanitation...

Multiple Vulnerabilities in Wolf CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Wolf CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Wolf CMS The vulnerability exists due to input sanitation erro...

Multiple Vulnerabilities in Frog CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerability in Frog CMS which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Frog CMS 1.1 The vulnerability exists due to input sanitation...

Multiple Vulnerabilities in CompactCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CompactCMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in CompactCMS 1.1 The vulnerability exists due to input sanitation error i...

SQL injection Vulnerability in IceBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in IceBB which could be exploited to perform SQL injection attacks. 1 The vulnerability exists due to input sanitation errors in the "gmt" parameter in index.php. A remote attacker can send a specially crafted HTTP request to...

Installation Path Disclosure Weakness in CLANSPHERE

High-Tech Bridge SA Security Research Lab has discovered a weakness in CLANSPHERE which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in CLANSPHERE The weakness exists due to application reveals the full path to installation...

Multiple Vulnerabilities in CLANSPHERE

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CLANSPHERE which could be exploited to perform cross-site scripting, script insertion and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in CLANSPHERE The vulnerability exists due to input...

Multiple Vulnerabilities in JAF CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in JAF CMS which could be exploited to compromise vulnerable system. 1 Remote code execution in JAF CMS The vulnerability exists due to insufficient sanitation of input data in module/log/vislog.php. A remote attack...

Multiple Vulnerabilities in SweetRice CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SweetRice CMS which could be exploited to perform cross-site scripting and SQL injection attacks and change administrators password. 1 Cross-site scripting XSS vulnerability in SweetRice CMS The vulnerability...

Multiple Vulnerabilities in MiniBB

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in MiniBB which could be exploited to perform script insertion and SQL injection attacks. 1 Script insertion vulnerability in MiniBB Input passed to the "url" BBCode tag is not properly sanitized. A remote attacker...

Multiple Vulnerabilities in eoCMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eoCMS which could be exploited to perform script insertion and SQL injection attacks, gain access to sensitive information and compromise vulnerable system. 1 Script insertion vulnerability in eoCMS An input...

Script Insertion Vulnerability in Textpattern CMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Textpattern CMS which could be exploited to perform script insertion attacks. 1 Script insertion vulnerability in Textpattern CMS An input sanitation error exists in the comment field. A remote attacker can insert arbitrary...

Cross-site Request Forgery (CSRF) Vulnerabilities in MemHT Portal

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in MemHT Portal which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in MemHT Portal 1.1 The vulnerability exists due to insufficient validation of the request...

Cross-site Request Forgery (CSRF) Vulnerabilities in Kandidat CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Kandidat CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Kandidat CMS 1.1 The vulnerability exists due to insufficient validation of the request...

Multiple Vulnerabilities in Energine

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Energine which could be exploited to perform cross-site request forgery and SQL injection attacks. 1 Cross-site request forgery CSRF in in Energine The vulnerability exists due to insufficient validation of the...

Installation Path Disclosure Weakness in MyBB

High-Tech Bridge SA Security Research Lab has discovered a weakness in MyBB which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in MyBB The weakness exists due to application reveals the full path to installation directory in an...

Authentication Bypass Vulnerability in phpLiterAdmin

High-Tech Bridge SA Security Research Lab has discovered vulnerability in phpLiterAdmin which could be exploited to bypass authentication mechanism and gain unauthorized access to the application. 1 Authentication Bypass Vulnerability in phpLiterAdmin The vulnerability exists due to a design erro...

Multiple Vulnerabilities in Zomplog

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zomplog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Zomplog 1.1 The vulnerability exists due to input sanitation...

Cross-site Request Forgery (CSRF) Vulnerabilities in BlogBird

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BlogBird which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in BlogBird 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Local File Inclusion Vulnerability in DZCP

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DZCP which could be exploited to include and execute arbitrary local files on the target system. 1 Local file inclusion in DZCP Input passed to the " prefixlanguage" cookie in index.php is not properly sanitized before bein...

Local File Inclusion Vulnerability in Novaboard

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Novaboard which could be exploited to include and execute arbitrary local files on the target system. 1 Local file inclusion in Novaboard Input passed to the "novalang" cookie in index.php is not properly sanitized before...

Cross-site Scripting (XSS) Vulnerability in NinkoBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in NinkoBB which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in NinkoBB: CVE-2010-4874 The vulnerability exists due to input sanitation error in parameters...

SQL Injection Vulnerability in DeluxeBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in DeluxeBB which could be exploited to execute arbitrary SQL commands in applications database. 1 SQL injection vulnerability in DeluxeBB: CVE-2010-4151 An input validation error exists in the "xthedateformat" parameter in...

Cross-site Request Forgery (CSRF) Vulnerabilities in sNews

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in sNews which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in sNews 1.1 The vulnerability exists due to insufficient validation of the request origin in...

Installation Path Disclosure Weakness in Tribiq CMS | HTB22640

High-Tech Bridge SA Security Research Lab has discovered a weakness in Tribiq CMS which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in Tribiq CMS The weakness exists due to application reveals the full path to installation...

SQL Injection Vulnerabilities in 4site CMS

High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in 4site CMS which could be exploited to execute arbitrary SQL commands in applications database. 1 SQL injection vulnerabilities in 4site CMS: CVE-2010-4152 1.1 The vulnerability exists due to insufficient validation ...

Cross-site Request Forgery (CSRF) Vulnerabilities in Ronny CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Ronny CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Ronny CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

Multiple Vulnerabilities in PluXml

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PluXml which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in PluXml 1.1 The vulnerability exists due to input sanitation...

Cross-site Scripting (XSS) Vulnerabilities in Contenido CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Contenido CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Contenido CMS 1.1 The vulnerability exists due to input sanitation error in the "idart"...

Directory Traversal Vulnerability in Robo-FTP

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Robo-FTP which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in Robo-FTP: CVE-2010-4095 The vulnerability exists due to insufficient sanitation of the downloaded...

Directory Traversal Vulnerability in AnyConnect

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AnyConnect which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in AnyConnect: CVE-2010-4148 The vulnerability exists due to insufficient sanitation of the downloaded...

Cross-site Request Forgery (CSRF) in Lara

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Lara which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in Lara The vulnerability exists due to insufficient validation of the request origin in ui/changepassword. A...

Directory Traversal Vulnerability in FreshFTP

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FreshFTP which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FreshFTP: CVE-2010-4149 The vulnerability exists due to insufficient sanitation of the downloaded...

Directory Traversal Vulnerability in CrossFTP Pro

High-Tech Bridge SA Security Research Lab has discovered vulnerability in CrossFTP Pro which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in CrossFTP Pro: CVE-2010-4153 The vulnerability exists due to insufficient sanitation of the...

Directory Traversal Vulnerability in FTP Voyager

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FTP Voyager which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FTP Voyager: CVE-2010-4154 The vulnerability exists due to insufficient sanitation of the downloade...

Cross-site Scripting (XSS) Vulnerabilities in Expression CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Expression CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Expression CMS 1.1 The vulnerability exists due to input sanitation error in the...

Cross-site Scripting (XSS) Vulnerabilities in Lantern CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Lantern CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Lantern CMS 1.1 The vulnerability exists due to input sanitation error in the "signupemail...

Directory Traversal Vulnerability in FilterFTP

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FilterFTP which could be exploited to execute arbitrary code on vulnerable system. 1 Directory Traversal Vulnerability in FilterFTP: CVE-2010-4790 The vulnerability exists due to insufficient sanitation of the downloaded...

Cross-site Scripting (XSS) Vulnerabilities in Docebo

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Docebo which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Docebo 1.1 The vulnerability exists due to input sanitation error in the "upsignature" paramete...

Multiple Vulnerabilities in Elxis CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Elxis CMS which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerabilities in Elxis CMS The vulnerability exists due to input sanitation error in the...

Cross-site Scripting (XSS) Vulnerability in Pluck

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Pluck which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Pluck The vulnerability exists due to input sanitation error in the "cont1" parameter in...

Multiple Vulnerabilities in Entrans

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Entrans which could be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-site scripting XSS vulnerability in Entrans: CVE-2010-4932 The vulnerability exists due to input sanitation erro...

Multiple SQL injection vulnerabilities in e107

High-Tech Bridge SA Security Research Lab has discovered three SQL injection vulnerabilities in e107 which could lead to execution of arbitrary SQL commands in applications database. 1 SQL injection vulnerabilities in e107 1.1 An input validation error exists in the URL in /e107admin/wmessage.php...

Cross-site Scripting (XSS) Vulnerabilities in ATutor

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ATutor which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ATutor The vulnerability exists due to input sanitation error in the "cid" parameter in...

Multiple Vulnerabilities in AContent

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in AContent which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in AContent 1.1 The vulnerability exists due to input sanitatio...

Cross-site Scripting (XSS) Vulnerability in AChecker

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AChecker which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AChecker: CVE-2010-3455 The vulnerability exists due to input sanitation error in the "uri" parameter in...

Cross-site Request Forgery (CSRF) in Serendipity

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Serendipity which could be exploited to perform cross-site request forgery attacks. 1 Cross-site Request Forgery CSRF in Serendipity: CVE-2010-2957 The vulnerability exists due to insufficient validation of the request orig...