
1103 matches found

Zero Science Lab
added 2012/02/17 12:00 a.m., 25 views

webgrind 1.0 (dataFile) Remote Reflected XSS Vulnerability

Summary Webgrind is an Xdebug profiling web frontend in PHP5. Description webgrind suffers from a XSS vulnerability when parsing user input to the 'dataFile' parameter via GET method in the index.php script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/11/28 12:00 a.m., 25 views

Manx cms.xml 1.0.1 Multiple HTTP Response Splitting Vulnerabilities

Summary Manx is a Content Management System that uses xml text files to store the page contents, instead of a mysql database. Description Input passed to the POST parameter 'editorChoice' in 'adminblocks.php' and 'adminpages.php' and the POST parameter 'theme' in 'admincss.php', 'adminjs.php' and...

AI score: 5.9
Exploits: 0

Zero Science Lab
added 2008/09/11 12:00 a.m., 25 views

Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

Summary Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to improve your surfing experience. Description Maxthon Browser is prone to a denial-of-service vulnerability. An attacker may exploit th...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2016/08/06 12:00 a.m., 24 views

NUUO Arbitrary File Deletion Vulnerability

Summary NUUO NVRmini 2 is the lightweight, portable NVR solution with NAS functionality. Setup is simple and easy, with automatic port forwarding settings built in. NVRmini 2 supports POS integration, making this the perfect solution for small retail chain stores. NVRmini 2 also comes full equipp...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2016/05/06 12:00 a.m., 24 views

ZeewaysCMS Multiple Vulnerabilities

Summary ZeewaysCMS is a Content Management System and a complete Web & Mobile Solution developed by Zeeways for Corporates, Individuals or any kind of Business needs. Description ZeewaysCMS suffers from a file inclusion vulnerability LFI when encoded input passed thru the 'targeturl' GET paramete...

AI score: 6
Exploits: 0

Zero Science Lab
added 2012/12/20 12:00 a.m., 24 views

Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overload SEH

Summary PC Companion is a computer application that acts as a portal to Sony Xperia and operator features and applications, such as phone software updates, management of contacts and calendar, media management with Media Go, and a backup and restore feature for your phone content. Description The...

AI score: 6.5
Exploits: 0

Zero Science Lab
added 2011/07/14 12:00 a.m., 24 views

PG eLMS Pro vDEC_2007_01 Multiple Blind SQL Injection Vulnerabilities

Summary eLMS Pro solution is an outstanding and yet simple Learning Management system. Our product is designed for any education formations: from small distance training companies up to big colleges and universities. The system allows to build courses, import SCORM content, deploy online learning...

AI score: 5.9
Exploits: 0

Zero Science Lab
added 2010/10/01 12:00 a.m., 24 views

Zen Cart v1.3.9f Multiple Remote Vulnerabilities

Summary Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for numerous languages and currencies, and it is freely available under the GNU GPL. Description Zen Cart v1.3.9f suffers from a persistent cross-site scripting...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2010/08/26 12:00 a.m., 24 views

Microsoft Office PowerPoint 2007 v12.0.4518 (pp4x322.dll) DLL Hijacking Exploit

Summary Microsoft PowerPoint is a presentation program by Microsoft. It is part of the Microsoft Office suite, and runs on Microsoft Windows and Apple's Mac OS X operating system. Description MS PowerPoint 2007 suffers from a dll hijacking vulnerability that enables the attacker to execute...

AI score: 6.2
Exploits: 0

Zero Science Lab
added 2014/07/30 12:00 a.m., 23 views

SkaDate Lite 2.0 Remote Code Execution Exploit

Summary SkaDate Lite is a new platform that makes it easy to start online dating business in just a few easy steps. No programming or design knowledge is required. Install the solution, pick a template, and start driving traffic to your new online dating site. Description SkaDate Lite suffers fro...

AI score: 6.2
Exploits: 0

Zero Science Lab
added 2014/04/24 12:00 a.m., 23 views

cFos Personal Net v3.09 Remote Heap Memory Corruption Denial of Service

Summary cFos Personal Net PNet is a full-featured HTTP server intended for personal and professional use. For personal use, instead of hosting websites with a webhoster, you just run it on your Windows machine. For professional use, you rent a virtual windows PC or dedicated PC from a webhoster a...

AI score: 5.9
Exploits: 0

Zero Science Lab
added 2013/05/11 12:00 a.m., 23 views

Wordpress Securimage-WP Plugin v3.2.4 URI-based XSS Vulnerability

Summary Securimage-WP adds powerful CAPTCHA protection to comment forms on posts and pages to help prevent comment spam from getting onto your site. Description Securimage-WP suffers from a XSS issue in 'siwptest.php' that uses the 'PHP_SELF' variable. The vulnerability is present because there...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2012/09/25 12:00 a.m., 23 views

ViArt Shop Enterprise 4.1 (post-auth) Multiple Stored XSS Vulnerabilities

Summary Viart Shop is a PHP based e-commerce suite, aiming to provide everything you need to run a successful on-line business. Description ViArt Shop suffers from multiple stored cross-site scripting vulnerabilities. The issues are triggered when input passed via several parameters to several...

AI score: 6
Exploits: 0

Zero Science Lab
added 2011/08/06 12:00 a.m., 23 views

AContent 1.1 Multiple Cross-Site Scripting Vulnerabilities

Summary AContent is an open source learning content authoring system and repository used to create interoperable, accessible, adaptive Web-based learning content. It can be used along with learning management systems to develop, share, and archive learning materials. Description AContent suffers...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/08/06 12:00 a.m., 23 views

ATutor 2.0.2 Multiple Remote Vulnerabilities (SQLi/XSS/PD)

Summary ATutor is an Open Source Web-based Learning Content Management System LCMS designed with accessibility and adaptability in mind. Educators can quickly assemble, package, and redistribute Web-based instructional content, easily retrieve and import prepackaged content, and conduct their...

AI score: 6
Exploits: 0

Zero Science Lab
added 2011/06/23 12:00 a.m., 23 views

NetServe Web Server v1.0.58 Multiple Remote Vulnerabilities

Summary NetServe is a super compact Web Server and File Sharing application for Windows NT, 95, 98, 2000, and XP. Its HTTP Web Server can serve all types of files including html, gif and jpeg, actually any files placed in your NetServe directory can be served. New key features include...

AI score: 5.7
Exploits: 0

Zero Science Lab
added 2011/02/12 12:00 a.m., 23 views

MG2 0.5.1 Multiple XSS Vulnerabilities

Summary MG2 is the sequel to the popular image gallery script MiniGal. One of the highlights of MG2 is, that it supports PHP running in safe mode which is unsupported by almost all other dynamic image gallery scripts on the web. Description MG2 suffers from multiple XSS vulns. Several parameters...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2010/10/06 12:00 a.m., 23 views

TomatoCart 1.0.1 (json.php) Remote Cross-Site Scripting Vulnerability

Summary TomatoCart is the new generation of open source shopping cart solution developed by Elootec Technology Co., Ltd. It is branched from osCommerce 3 as a separate project. Description TomatoCart version 1.0.1 suffers from a XSS vulnerability because input passed via the "action" parameter to...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2009/03/29 12:00 a.m., 23 views

PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit

Summary With PowerCHM you can create your CHM files automatically from Html Files including .htm, .html and .mht, Text Files .txt, Microsoft Word Documents .doc and Adobe Acrobat Document .pdf. Description The vulnerability is caused due to a boundary error when processing overly long filenames...

AI score: 6.3
Exploits: 0

Zero Science Lab
added 2008/09/08 12:00 a.m., 23 views

SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC

Summary Web-browser, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple - all your Internet needs in one application. Description SeaMonkey suffers from a remote denial of service vulnerability DoS, using a special html file with the tag multiple times 24...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2012/03/23 12:00 a.m., 22 views

Spotify 0.8.2.610 (search func) Memory Exhaustion Exploit

Summary Think of Spotify as your new music collection. Your library. Only this time your collection is vast: millions of tracks and counting. Spotify comes in all shapes and sizes, available for your PC, Mac, home audio system and mobile phone. Wherever you go, your music follows you. Description...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2012/03/07 12:00 a.m., 22 views

Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities

Summary WebPAM is a web based Promise Array Management Software that's easy-to use, designed to simplify RAID storage management. WebPAM is specifically designed for Promise HBA. WebPAM can configure, manage or monitor Promise RAID products remotely from a web browser from anywhere in the world...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/07/31 12:00 a.m., 22 views

Digital Scribe 1.5 (register_form()) Multiple POST XSS Vulnerabilities

Summary The Digital Scribe is a free, intuitive system designed to help teachers put student work and homework assignments online. Description Digital Scribe suffers from multiple POST XSS vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized...

AI score: 6
Exploits: 0

Zero Science Lab
added 2010/09/08 12:00 a.m., 22 views

Textpattern 4.2.0 (txplib_db) Null Termination Cross-Site Scripting Vulnerability

Summary Textpattern is an open source content management system unlike any other; it allows you to easily create, edit and publish content and make it beautiful in a professional, standards-compliant manner. Description Textpattern CMS version 4.2.0 suffers from a XSS vulnerability. Input passed...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2010/03/05 12:00 a.m., 22 views

BS.Player v2.51 build 1022 (Media Library) Remote Buffer Overflow Vulnerability

Summary Ever since the very beginning in the year 2000, the BS.Player™ has been one of the world's most popular video players. It is popular for many reasons. One however should be pointed out: BS.Player™ is the first software movie player ever to enable its users to focus on watching the movie...

CVSS: 9.3, AI score: 6.3, EPSS: 0.0478
Exploits: 2

Zero Science Lab
added 2014/10/09 12:00 a.m., 21 views

Telefonica O2 Connection Manager 3.4 Local Privilege Escalation Vulnerability

Summary O2 Connection Manager will help you to manage your internet connections by getting you connected to the fastest available network. Automatically connect you to the fastest available network including your home broadband if you have a wireless router. Description O2 Connection Manager...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2014/03/25 12:00 a.m., 21 views

qEngine CMS 6.0.0 Database Backup Disclosure Exploit

Summary qEngine qE is a lightweight, fast, yet feature packed CMS script to help you building your site quickly. Using template engine to separate the php codes from the design, you don't need to touch the codes to design your web site. qE is also expandable by using modules. Description qEngine...

AI score: 5.7
Exploits: 0

Zero Science Lab
added 2013/10/18 12:00 a.m., 21 views

Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability

Summary WooCommerce is an open source e-commerce plugin for WordPress. Description The plugin suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'hide-wc-extensions-message' parameter in the 'admin/woocommerce-admin-settings.php' script. Attackers can exploi...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2012/08/06 12:00 a.m., 21 views

Zoho BugTracker Multiple Stored XSS Vulnerabilities

Summary Zoho Bug Tracker is an online bug tracking software that combines a clean and an intuitive interface to submit and track bugs with custom workflows, business rules, custom fields and filters for the bugs that software projects are bound to generate and fix all bugs fast. Description The B...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2012/05/16 12:00 a.m., 21 views

backupDB() v1.2.7a (onlyDB) Remote XSS Vulnerability

Summary backupDB is a PHP script that backs up MySQL tables and databases to a file uncompressed, gzip, bzip2 for easy daily backup. Description backupDB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to...

CVSS: 4.3, AI score: 6, EPSS: 0.01623
Exploits: 2

Zero Science Lab
added 2012/01/04 12:00 a.m., 21 views

Limny 3.0.1 (login.php) Remote URI Based Cross-Site Scripting Vulnerability

Summary Limny is a free and open-source content management framework with a focus on ease to use and develop. It can be used as a stable and powerful core for heavy and light web applications by having main features of web applications such as user management, multilingual system and multiple the...

CVSS: 4.3, AI score: 6.1, EPSS: 0.01925
Exploits: 2

Zero Science Lab
added 2011/12/05 12:00 a.m., 21 views

SopCast 3.4.7 sop:// URI Handling Remote Stack Buffer Overflow PoC

Summary SopCast is a simple, free way to broadcast video and audio or watch the video and listen to radio on the Internet. Adopting P2P (Peer-to-Peer) technology, it is very efficient and easy to use. SoP is the abbreviation for Streaming over P2P. Sopcast is a Streaming Direct Broadcasting System...

AI score: 6.5
Exploits: 0

Zero Science Lab
added 2011/09/17 12:00 a.m., 21 views

iBrowser Plugin v1.4.1 (dir) Remote Cross-Site Scripting Vulnerability

Summary iBrowser is an image browser plugin for WYSIWYG editors like tinyMCE, SPAW, htmlAREA, Xinha and FCKeditor developed by net4visions. It allows image browsing, resizing on upload, directory management and more with the integration of the phpThumb image library. Description iBrowser suffers...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/09/17 12:00 a.m., 21 views

iManager Plugin v1.2.8 (dir) Remote Cross-Site Scripting Vulnerability

Summary With iManager you can manage your files/images on your webserver, and it provides user interface to most of the phpThumb functions. It works either stand-alone or as a plugin to WYSIWYG editors like tinyMCE, SPAW, htmlAREA, Xinha and FCKeditor. Description iManager suffers from a XSS...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/07/14 12:00 a.m., 21 views

PG eLMS Pro vDEC_2007_01 (contact_us.php) Multiple POST XSS Vulnerabilities

Summary eLMS Pro solution is an outstanding and yet simple Learning Management system. Our product is designed for any education formations: from small distance training companies up to big colleges and universities. The system allows to build courses, import SCORM content, deploy online learning...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/06/09 12:00 a.m., 21 views

Pacer Edition CMS 2.1 (rm) Remote Arbitrary File Deletion Exploit

Summary The 'Pacer Edition' is a Content Management System (CMS) written using PHP 5.2.9 as a minimum requirement. The Pacer Edition CMS was based from Website baker core and has been completely redesigned with a whole new look and feel along with many new advanced features to allow you to build sit...

AI score: 5.7
Exploits: 0

Zero Science Lab
added 2010/09/01 12:00 a.m., 21 views

LEADTOOLS ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities

Summary With LEADTOOLS you can control any scanner, digital camera or capture card that has a TWAIN 32 and 64 bit device driver. High-level acquisition support is included for ease of use while low-level functionality is provided for flexibility and control in even the most demanding scanning...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2010/07/12 12:00 a.m., 21 views

Corel Presentations X5 15.0.0.357 (shw) Remote Buffer Preoccupation PoC

Summary Strengthen your visual impact. Create compelling slideshows, proposals, demonstrations and interactive reports. Easily edit pictures, create charts and diagrams, and share content with others. Open, edit and save Microsoft® PowerPoint® files, including the latest OOXML .pptx files...

AI score: 6.4
Exploits: 0

Zero Science Lab
added 2014/01/29 12:00 a.m., 20 views

NCH Software Inventoria 3.45 (id param) Reflected Cross-Site Scripting Vulnerability

Summary Inventoria is a business inventory management and stock control software that allows you to manage and monitor your inventory to help streamline your operations and boost profits. Description The application suffers from a reflected XSS issue due to a failure to properly sanitize...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2013/12/06 12:00 a.m., 20 views

BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability

Summary BoxBilling is a free billing, invoicing & client management software. Description BoxBilling suffers from a stored cross-site scripting vulnerability. Input passed to the 'message' POST parameter thru the 'Notification Center' extension/module is not properly sanitised before being return...

AI score: 6
Exploits: 0

Zero Science Lab
added 2012/12/20 12:00 a.m., 20 views

Sony PC Companion 2.1 (CheckCompatibility()) Stack-based Unicode Buffer Overload

Summary PC Companion is a computer application that acts as a portal to Sony Xperia and operator features and applications, such as phone software updates, management of contacts and calendar, media management with Media Go, and a backup and restore feature for your phone content. Description The...

AI score: 6.5
Exploits: 0

Zero Science Lab
added 2012/12/20 12:00 a.m., 20 views

Sony PC Companion 2.1 (Load()) Stack-based Unicode Buffer Overload SEH

Summary PC Companion is a computer application that acts as a portal to Sony Xperia and operator features and applications, such as phone software updates, management of contacts and calendar, media management with Media Go, and a backup and restore feature for your phone content. Description The...

AI score: 6.5
Exploits: 0

Zero Science Lab
added 2012/09/25 12:00 a.m., 20 views

ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability

Summary Viart Shop is a PHP based e-commerce suite, aiming to provide everything you need to run a successful on-line business. Description Input passed to the 'DATA' POST parameter in 'sipsresponse.php' is not properly sanitised before being used to process product payment data. This can be...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/09/17 12:00 a.m., 20 views

iGallery Plugin v1.0.0 (dir) Remote Cross-Site Scripting Vulnerability

Summary iGallery uses MooTools - image resizing done dynamically using phpThumb - resized images are cached. Description iGallery suffers from a XSS vulnerability when parsing user input to the 'dir' parameter via GET method in '/scripts/pthumb/demo/phpThumb.demo.random.php'. Attackers can exploi...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/08/28 12:00 a.m., 20 views

Mini FTP Server 1.1 Buffer Corruption Remote Denial Of Service Exploit

Summary Minimal FTP server for windows. Uses only managed code. Works with Total commander. Description MiniFTPServer suffers from a denial of service vulnerability when passing large number of bytes after authentication, resulting in a crash. No need for a valid FTP command to exploit this issue...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2011/08/14 12:00 a.m., 20 views

F-Secure BlackLight 2.2.1092 Local Privilege Escalation Vulnerability

Summary F-Secure BlackLight is a tool that detects files, folders and processes hidden from the user and other programs. BlackLight is also able to remove hidden malware by renaming them. Description The rootkit eliminator is vulnerable to an elevation of privileges vulnerability which can be use...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2011/06/09 12:00 a.m., 20 views

Pacer Edition CMS 2.1 Remote XSS POST Injection Vulnerability

Summary The 'Pacer Edition' is a Content Management System (CMS) written using PHP 5.2.9 as a minimum requirement. The Pacer Edition CMS was based from Website baker core and has been completely redesigned with a whole new look and feel along with many new advanced features to allow you to build sit...

AI score: 6.1
Exploits: 0

Zero Science Lab
added 2011/04/05 12:00 a.m., 20 views

TutorialMS v1.4 (show) Remote SQL Injection Vulnerability

Summary TutorialMS is a free content management system, developed specifically for tutorial pages. It is written in PHP and uses MySQL as a database. TutorialMS offers all the usual features you need to build quick and easy your own tutorial page, without great programming knowledge. Description...

AI score: 6
Exploits: 0

Zero Science Lab
added 2011/03/11 12:00 a.m., 20 views

Constructr CMS 3.03 Multiple Remote Vulnerabilities (XSS/SQLi)

Summary ConstructrCMS is a new and fresh Content Management System build with the Power of PHP and MySQL. The Backend is mostly controlled by Ajax for a unique User Experience. Description The CMS suffers from several vulnerabilities SQL and XSS. The sql issue can be triggered when the app tries ...

AI score: 5.8
Exploits: 0

Zero Science Lab
added 2011/02/26 12:00 a.m., 20 views

Nitro PDF Reader 1.4.0 Remote Heap Memory Corruption / DoS PoC

Summary Nitro PDF Reader, free, fast, powerful and secure. Create PDF files, comment and review, save PDF forms, extract text and images, type text directly onto the page, and more. Description The program suffers from a heap corruption vulnerability which can be exploited by malicious people to...

AI score: 5.8
Exploits: 0

Total number of security vulnerabilities: 1103