1103 matches found

Zero Science Lab
added 2026/04/12 12:0 a.m., 39 views

Pachno 1.0.6 (return_to) Open Redirection

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

7.1 CVSS, 5.9 AI score, 0.00338 EPSS
Exploits: 1

Zero Science Lab
added 2016/10/28 12:0 a.m., 39 views

InfraPower PPS-02-S Q213V1 Multiple XSS Vulnerabilities

Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...

6.2 AI score
Exploits: 0

Zero Science Lab
added 2016/01/28 12:0 a.m., 39 views

HP Client Security Manager 8.3.4 Cross-Site Scripting Vulnerability

Summary HP Client Security Manager provides enhanced Windows login and website single-sign-on capabilities. Security Manager is also the host for HP Client Security plugins and should be installed before other Client Security modules. This package is provided for supported notebook models running...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2015/04/07 12:0 a.m., 39 views

Balero CMS v0.7.2 Multiple Blind SQL Injection Vulnerabilities

Summary Balero CMS is an open source project that can help you manage the page of your company with just a few guided steps, minimizing the costs that many companies make to have your advertising medium and/or portal. Description The application suffers from multiple blind SQL injection...

6 AI score
Exploits: 0

Zero Science Lab
added 2013/11/28 12:0 a.m., 39 views

Ametys CMS 3.5.2 (lang parameter) XPath Injection Vulnerability

Summary Ametys is a Java-based open source CMS combining rich content with an easy-to-use and intuitive interface. Description Input passed via the 'lang' POST parameter in the newsletter plugin is not properly sanitised before being used to construct a XPath query for XML data. This can be...

5.9 AI score
Exploits: 0

Zero Science Lab
added 2013/08/07 12:0 a.m., 39 views

MyBB 1.6.10 'url' Parameter Arbitrary Site Redirection Vulnerability

Summary MyBB, also known as MyBBoard or MyBulletinBoard, is a powerful, efficient, and free forum package, developed using PHP and MySQL. Description Input passed via the 'url' parameter in 'member.php' script is not properly verified before being used to redirect users. This can be exploited to...

5.9 AI score
Exploits: 0

Zero Science Lab
added 2013/04/14 12:0 a.m., 39 views

CMSLogik 1.2.1 (upload_file_ajax()) Shell Upload Exploit

Summary CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into. Description The...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2011/12/01 12:0 a.m., 39 views

Hero Framework 3.69 Remote Reflected Cross-Site Scripting Vulnerability

Summary Hero formerly Caribou CMS is a white label, open source PHP website content management system CMS and development platform. Description Hero suffers from a XSS vulnerability when parsing user input to the 'month' parameter via GET method. Attackers can exploit this weakness to execute...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2011/03/25 12:0 a.m., 39 views

Family Connections CMS 2.3.2 (POST) Stored XSS And XML Injection

Summary Family Connections is an open source content management system. It makes creating a private, family website easy and fun. Description FCMS suffers from a stored XSS vulnerability post-auth in messageboard.php script thru the 'subject' post parameter. XML Inj. lies in the /inc/getChat.php...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2011/02/11 12:0 a.m., 39 views

Oracle MySQL Eventum 2.3 Remote Script Insertion Vulnerabilities

Summary Eventum is a user-friendly and flexible issue tracking system that can be used by a support department to track incoming technical support requests, or by a software development team to quickly organize tasks and bugs. Description Eventum suffers from a cross-site scripting vulnerability...

6 AI score
Exploits: 0

Zero Science Lab
added 2026/04/12 12:0 a.m., 38 views

Pachno 1.0.6 FileCache Deserialization Remote Code Execution

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

9.8 CVSS, 6.4 AI score, 0.00484 EPSS
Exploits: 1

Zero Science Lab
added 2021/01/26 12:0 a.m., 39 views

STVS ProVision 5.9.10 Cross-Site Request Forgery (Add Admin)

Summary STVS is a Swiss company specializing in development of software for digital video recording for surveillance cameras as well as the establishment of powerful and user-friendly IP video surveillance networks. Description The application interface allows users to perform certain actions via...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2020/07/05 12:0 a.m., 38 views

rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass

Summary Smart home automation software. Description The application suffers from an SQL Injection vulnerability. Input passed through 'usuario' POST parameter in registraUsuario is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2015/04/07 12:0 a.m., 38 views

Balero CMS v0.7.2 Multiple JS/HTML Injection Vulnerabilities

Summary Balero CMS is an open source project that can help you manage the page of your company with just a few guided steps, minimizing the costs that many companies make to have your advertising medium and/or portal. Description Input passed to the 'content' POST parameter and the cookie 'counte...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2013/11/01 12:0 a.m., 38 views

ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit

Summary ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Description The vulnerability is caused due to the improper verification of uploaded files in '/ipcms/modules/developer/configexpimp/manager.php' script thru the 'manage' function...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2013/07/29 12:0 a.m., 38 views

FluxBB 1.5.3 Multiple Remote Vulnerabilities

Summary FluxBB is fast, light, user-friendly forum software for your website. Description FluxBB suffers from a cross-site scripting, cross-site request forgery and URL redirect vulnerability. The application allows users to perform certain actions via HTTP requests without performing any validit...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2012/08/28 12:0 a.m., 38 views

Express Burn Plus v4.58 EBP Project File Handling Buffer Overflow PoC

Summary Express Burn is a program that allows you to create and copy many kinds of disc media, including Audio audio CDs / .mp3 CDs, Video DVDs, and Data CDs / DVDs / Blu-ray. Description The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploit...

6.4 AI score
Exploits: 0

Zero Science Lab
added 2012/08/23 12:0 a.m., 38 views

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

Summary One shop system, many shop solutions. The shop software xt:Commerce 4 is the basic framework for online shops and for merchants who install and configure their own shop. Description xt:Commerce suffers from a stored XSS vulnerability when parsing user input to the 'products_name_de' paramet...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2012/04/03 12:0 a.m., 38 views

Zend Optimizer 3.3.3 (Windows) Insecure Permissions

Summary Zend Optimizer is a free application that runs the files encoded using Zend Guard and enhances the overall performance of your PHP applications. Description The Zend Optimizer package for Windows is vulnerable to an elevation of privileges vulnerability which can be used by a simple user...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2010/11/20 12:0 a.m., 38 views

Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability

Summary REAKTOR 5 PLAYER is your free entry point to the award-winning and avant-garde audio world of REAKTOR 5 - the super-powerful modular sound studio that made Native Instruments famous. Description NI's Reaktor 5 Player suffers from multiple file handling vulnerabilities when processing .e...

6.4 AI score
Exploits: 0

Zero Science Lab
added 2010/08/26 12:0 a.m., 38 views

Adobe Extension Manager CS5 v5.0.298 (dwmapi.dll) DLL Hijacking Exploit

Summary Easily install new extensions and manage the ones you already have with the Adobe Extension Manager. Description Adobe Extension Manager CS5 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .mxi...

9.3 CVSS, 6.3 AI score, 0.11732 EPSS
Exploits: 2

Zero Science Lab
added 2008/10/14 12:0 a.m., 38 views

Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC

Summary Eserv/3.x - Mail, News, Web and Proxy Servers - Mail Server SMTP, IMAP4 and POP3 - News Server NNTP - Web Server HTTP - FTP Server - Proxy Servers HTTP, FTP, Socks, etc - Finger Server - Built-in scheduler and dialer. Description Stack-based buffer overflow in the FTP server in Etype Eser...

10 CVSS, 6.4 AI score, 0.06823 EPSS
Exploits: 2

Zero Science Lab
added 2026/04/12 12:0 a.m., 37 views

Pachno 1.0.6 Stored Cross-Site Scripting

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

7.2 CVSS, 6.1 AI score, 0.00161 EPSS
Exploits: 1

Zero Science Lab
added 2016/12/12 12:0 a.m., 37 views

Serva 3.0.0 HTTP Server Module Remote Denial of Service Exploit

Summary Serva is a light 3 MB, yet powerful Microsoft Windows application. It was conceived mainly as an Automated PXE Server Solution Accelerator. It bundles on a single exe all of the underlying server protocols and services required by the most complex PXE network boot/install scenarios...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2016/10/28 12:0 a.m., 37 views

InfraPower PPS-02-S Q213V1 Insecure Direct Object Reference Authorization Bypass

Summary InfraPower Manager PPS-02-S is a FREE built-in GUI of each IP dongle IPD-02-S only to remotely monitor the connected PDUs. Patented IP Dongle provides IP remote access to the PDUs by a true network IP address chain. Only 1xIP dongle allows access to max. 16 PDUs in daisy chain - which is ...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2016/07/05 12:0 a.m., 37 views

AWBS v2.9.6 Multiple Remote Vulnerabilities

Summary Whether starting new or looking to expand your existing web hosting and/or domain registration business, the AWBS fully automated solutions and unique features will allow you to achieve your goal with minimum effort and cost. Description AWBS suffers from multiple SQL Injection...

6 AI score
Exploits: 0

Zero Science Lab
added 2016/04/13 12:0 a.m., 37 views

OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution

Summary The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Description The application suffers from an arbitrary code execution vulnerability when...

6.4 AI score
Exploits: 0

Zero Science Lab
added 2015/08/19 12:0 a.m., 37 views

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Summary The next-generation of IT monitoring software. Description The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-i...

6 AI score
Exploits: 0

Zero Science Lab
added 2014/07/03 12:0 a.m., 37 views

Ubisoft Uplay 4.6 Insecure File Permissions Local Privilege Escalation

Summary Uplay is a digital distribution, digital rights management, multiplayer and communications service created by Ubisoft to provide an experience similar to the achievements/trophies offered by various other game companies. Description Uplay for PC suffers from an elevation of privileges...

7.2 CVSS, 5.8 AI score, 0.01035 EPSS
Exploits: 2

Zero Science Lab
added 2011/10/04 12:0 a.m., 37 views

Ashampoo Burning Studio Elements 10.0.9 (.ashprj) Heap Overflow Vulnerability

Summary Ashampoo Burning Studio Elements offers you everything you need to burn movies, music and data - fast and effectively. The software with the intuitive user interface focuses on the core competencies of burning software and offers you compact functions to tackle all tasks relating to your...

6.4 AI score
Exploits: 0

Zero Science Lab
added 2011/07/13 12:0 a.m., 37 views

TCExam <=11.2.011 Multiple SQL Injection Vulnerabilities

Summary TCExam is a FLOSS system for electronic exams also known as CBA - Computer-Based Assessment, CBT - Computer-Based Testing or e-exam that enables educators and trainers to author, schedule, deliver, and report on quizzes, tests and exams. Description Input passed via multiple parameters to...

6 AI score
Exploits: 0

Zero Science Lab
added 2010/10/14 12:0 a.m., 37 views

Exponent CMS v0.97 Multiple Vulnerabilities

Summary Open Source Content Management System PHP+MySQL. Description Exponent CMS suffers from multiple vulnerabilities: 1. Local File Inclusion / File Disclosure Vulnerability 2. Arbitrary File Upload / File Modify Vulnerability 3. Reflected Cross-Site Scripting Vulnerability 1 LFI/FD occurs whe...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2026/04/12 12:0 a.m., 36 views

Pachno 1.0.6 Cross-Site Request Forgery

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

5.3 CVSS, 5.9 AI score, 0.00109 EPSS
Exploits: 1

Zero Science Lab
added 2026/04/12 12:0 a.m., 36 views

Pachno 1.0.6 (runSwitchUser()) Remote Vertical Privilege Escalation

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

7.1 CVSS, 5.9 AI score, 0.00304 EPSS
Exploits: 1

Zero Science Lab
added 2016/07/22 12:0 a.m., 36 views

Rapid7 AppSpider 6.12 Web Application Vulnerability Scanner Elevation Of Privilege

Summary While today's malicious attackers pursue a variety of goals, they share a preferred channel of attack - the millions of custom web, mobile, and cloud applications companies deploy to serve their customers. AppSpider dynamically scans these applications for vulnerabilities across all moder...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2016/03/15 12:0 a.m., 36 views

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow Vulnerability

Summary Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data access. The product provides actionable audit data about who changed what, when and where and who has access to what. Description The application suffers from a stack-based buffer...

6.4 AI score
Exploits: 0

Zero Science Lab
added 2015/12/08 12:0 a.m., 36 views

dotCMS 3.2.4 Multiple Vulnerabilities

Summary DotCMS is the next generation of Content Management System CMS. Quick to deploy, open source, Java-based, open APIs, extensible and massively scalable, dotCMS can rapidly deliver personalized, engaging multi-channel sites, web apps, campaigns, one-pagers, intranets - all types of content...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2013/09/18 12:0 a.m., 36 views

TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability

Summary TeraCopy is designed to copy and move files at the maximum possible speed. It skips bad files during the copying process, and then displays them at the end of the transfer so that you can see which ones need attention. TeraCopy can automatically check the copied files for errors by...

6.2 AI score
Exploits: 0

Zero Science Lab
added 2012/09/11 12:0 a.m., 36 views

Subrion CMS 2.2.1 Multiple Remote XSS POST Injection Vulnerabilities

Summary Subrion is a free open source content management system. It's written in PHP 5 and utilizes MySQL database. Subrion CMS can be easily integrated into your current website or used as a stand alone platform. It's extremely flexible and scalable php system that stands for a content managemen...

6 AI score
Exploits: 0

Zero Science Lab
added 2012/05/16 12:0 a.m., 36 views

Artiphp CMS 5.5.0 Database Backup Disclosure Exploit

Summary Artiphp is a content management system CMS open and free to create and manage your website. Description Artiphp stores database backups using backupDB utility with a predictable file name inside the web root, which can be exploited to disclose sensitive information by downloading the file...

5 CVSS, 5.7 AI score, 0.03112 EPSS
Exploits: 2

Zero Science Lab
added 2012/03/10 12:0 a.m., 36 views

Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities

Summary Zend Server is a complete, enterprise-ready Web Application Server for running and managing PHP applications. Description Zend Server and its components suffer from a cross-site scripting vulnerability. The persistent stored XSS issues are triggered when input passed via several paramete...

6 AI score
Exploits: 0

Zero Science Lab
added 2012/01/31 12:0 a.m., 36 views

EdrawSoft Office Viewer Component ActiveX 5.6 (officeviewermme.ocx) BoF PoC

Summary Edraw Office Viewer Component contains a standard ActiveX control that acts as an ActiveX document container for hosting Office documents including Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Microsoft Project, and Microsoft Visio documents in a custom form or Web page. The...

6.3 AI score
Exploits: 0

Zero Science Lab
added 2011/11/07 12:0 a.m., 36 views

XAMPP 1.7.7 Multiple URI Based Cross-Site Scripting Vulnerabilities

Summary XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl. Description XAMPP suffers from multiple XSS issues in several scripts that use the 'PHP_SELF' variable. The vulnerabilities can be triggered in the 'xamppsecurity.php', 'cds.php' and 'perlinfo.pl' because there...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2011/07/13 12:0 a.m., 36 views

TCExam <=11.2.011 Multiple Cross-Site Scripting Vulnerabilities

Summary TCExam is a FLOSS system for electronic exams also known as CBA - Computer-Based Assessment, CBT - Computer-Based Testing or e-exam that enables educators and trainers to author, schedule, deliver, and report on quizzes, tests and exams. Description TCExam suffers from multiple pre and pos...

6.1 AI score
Exploits: 0

Zero Science Lab
added 2011/04/14 12:0 a.m., 36 views

Help & Manual Professional Edition 5.5.1 (ijl15.dll) DLL Hijacking Exploit

Summary Help & Manual 5 is a single-source help authoring and content management system for both single and multi-author editing. Description Help & Manual suffers from a DLL hijacking vulnerability that enables the attacker to execute arbitrary code on the affected machine. The vulnerable...

6.3 CVSS, 6.3 AI score, 0.00687 EPSS
Exploits: 1

Zero Science Lab
added 2010/10/01 12:0 a.m., 36 views

Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability

Summary Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for numerous languages and currencies, and it is freely available under the GNU GPL. Description Zen Cart v1.3.9f suffers from a file inclusion vulnerability LFI...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2015/12/07 12:0 a.m., 35 views

OpenMRS 2.3 (1.11.4) Expression Language Injection Vulnerability

Summary OpenMRS is an application which enables design of a customized medical records system with no programming knowledge although medical and systems analysis knowledge is required. It is a common framework upon which medical informatics efforts in developing countries can be built. Descriptio...

6 AI score
Exploits: 0

Zero Science Lab
added 2015/12/06 12:0 a.m., 35 views

iniNet SpiderControl SCADA Editor 6.30.01 Insecure File Permissions

Summary Modular and automated engineering is provided for HMI and SCADA. The tools are developed to join a large range of engineering modules together quickly. We modularize our software, as the mechanics of a system are modularized today. Easy to visualize with a few clicks. Description...

5.8 AI score
Exploits: 0

Zero Science Lab
added 2015/10/19 12:0 a.m., 35 views

RealtyScript v4.0.2 Multiple CSRF And Persistent XSS Vulnerabilities

Summary RealtyScript is award-winning real estate software that makes it effortless for a real estate agent, office, or entrepreneur to be up and running with a real estate web site in minutes. The software is in daily use on thousands of domain names in over 40 countries and has been translated...

5.9 AI score
Exploits: 0

Zero Science Lab
added 2010/06/04 12:0 a.m., 35 views

Adobe InDesign CS3 INDD File Handling Buffer Overflow Vulnerability

Summary Adobe® InDesign® CS3 software provides precise control over typography and built-in creative tools for designing, preflighting, and publishing documents for print, online, or to mobile devices. Include interactivity, animation, video, and sound in page layouts to fully engage readers...

9.3 CVSS, 6.3 AI score, 0.20681 EPSS
Exploits: 2

Total number of security vulnerabilities: 1103