Omeka 2.2 CSRF And Stored XSS Vulnerability

Summary Omeka is a free, flexible, and open source web-publishing platform for the display of library, museum, archives, and scholarly collections and exhibitions. Its 'five-minute setup' makes launching an online exhibition as easy as launching a blog. Description Omeka version 2.2 suffers from ...

OpenVPN Private Tunnel Core Service Unquoted Service Path Elevation Of Privilege

Summary Private Tunnel is a new approach to true Internet security creating a Virtual Private Tunnel VPT or Virtual Private Network VPN that encrypts, privatizes, and protects your Internet traffic. Description Private Tunnel application suffers from an unquoted search path issue impacting the Co...

Ubisoft Uplay 4.6 Insecure File Permissions Local Privilege Escalation

Summary Uplay is a digital distribution, digital rights management, multiplayer and communications service created by Ubisoft to provide an experience similar to the achievements/trophies offered by various other game companies. Description Uplay for PC suffers from an elevation of privileges...

Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow Vulnerability (DoS)

Summary Spark Browser is a free Internet browser with very sharp UIs and cool utilities. It's based on the Chromium technology platform, giving it fast browsing capabilities. Description Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service application crash...

Lunar CMS 3.3 CSRF And Stored XSS Vulnerability

Summary Lunar CMS is a freely distributable open source content management system written for use on servers running the ever so popular PHP5 & MySQL. Description Lunar CMS suffers from a cross-site request forgery and a stored xss vulnerabilities. The application allows users to perform certain...

Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit

Summary Lunar CMS is a freely distributable open source content management system written for use on servers running the ever so popular PHP5 & MySQL. Description Lunar CMS suffers from an unauthenticated arbitrary command execution vulnerability. The issue is caused due to the improper...

Ubisoft Rayman Legends v1.2.103716 Remote Stack Buffer Overflow Vulnerability

Summary Rayman Legends is a 2013 platform game developed by Ubisoft Montpellier and published by Ubisoft. It is the fifth main title in the Rayman series and the direct sequel to the 2011 game Rayman Origins. The game was released for Microsoft Windows, Xbox 360, PlayStation 3, Wii U, and...

ZeroCMS 1.0 (article_id) SQL Injection Vulnerability

Summary ZeroCMS is a very simple Content Management System built using PHP and MySQL. Description Input passed via the 'articleid' GET parameter to zeroviewarticle.php script is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting...

NULL NUKE CMS v2.2 Multiple Vulnerabilities

Summary NULL-8x3-NUKE is a fast, powerful and secure cross platform CMS for windows and Linux using base or full drive paths. Description NULL NUKE CMS suffers from multiple remote vulnerabilities including Stored/Reflected XSS, SQL Injection, Arbitrary File Upload, RCE, Arbitrary File Deletion,...

cFos Personal Net v3.09 Remote Heap Memory Corruption Denial of Service

Summary cFos Personal Net PNet is a full-featured HTTP server intended for personal and professional use. For personal use, instead of hosting websites with a webhoster, you just run it on your Windows machine. For professional use, you rent a virtual windows PC or dedicated PC from a webhoster a...

MA Lighting Technology grandMA onPC v6.808 Remote Denial of Service Exploit

Summary The grandMA onPC software incorporates all functions of a grandMA console and offers you its full potential on your notebook or PC. You can use grandMA onPC for running, programming or offline pre-programming, as well as a smart backup solution within the grandMA system. With the MA onPC...

Kemana Directory 1.5.6 Database Backup Disclosure Exploit

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Cart Engine 3.0.0 (task.php) Local File Inclusion Vulnerability

Summary Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL. Unique features of Cart Engine include: CMS engine based on our qEngine, product options, custom fields, digital products, search engine friendly URL, user...

Cart Engine 3.0.0 Remote Code Execution

Summary Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL. Unique features of Cart Engine include: CMS engine based on our qEngine, product options, custom fields, digital products, search engine friendly URL, user...

Cart Engine 3.0.0 Database Backup Disclosure Exploit

Summary Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL. Unique features of Cart Engine include: CMS engine based on our qEngine, product options, custom fields, digital products, search engine friendly URL, user...

qEngine CMS 6.0.0 Database Backup Disclosure Exploit

Summary qEngine qE is a lightweight, fast, yet feature packed CMS script to help you building your site quickly. Using template engine to separate the php codes from the design, you don't need to touch the codes to design your web site. qE is also expandable by using modules. Description qEngine...

qEngine CMS 6.0.0 (task.php) Local File Inclusion Vulnerability

Summary qEngine qE is a lightweight, fast, yet feature packed CMS script to help you building your site quickly. Using template engine to separate the php codes from the design, you don't need to touch the codes to design your web site. qE is also expandable by using modules. Description qEngine...

Kemana Directory 1.5.6 Remote Code Execution

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Kemana Directory 1.5.6 kemana_admin_passwd Cookie User Password Hash Disclosure

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Kemana Directory 1.5.6 (qvc_init()) Cookie Poisoning CAPTCHA Bypass Exploit

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

qEngine CMS 6.0.0 Remote Code Execution

Summary qEngine qE is a lightweight, fast, yet feature packed CMS script to help you building your site quickly. Using template engine to separate the php codes from the design, you don't need to touch the codes to design your web site. qE is also expandable by using modules. Description qEngine...

Kemana Directory 1.5.6 (run param) Local File Inclusion Vulnerability

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Huawei Technologies eSpace Meeting Service 1.0.0.23 Local Privilege Escalation

Summary Huawei's eSpace Meeting solution fully meets the needs of enterprise customers for an integrated daily collaboration system by integrating the conference server, conference video terminal, conference user authorization, and teleconference. Description The application is vulnerable to an...

couponPHP CMS 1.0 Multiple Stored XSS and SQL Injection Vulnerabilities

Summary couponPHP is a revolutionary content management system for running Coupon and Deal websites. It is feature rich, powerful, beautifully designed and fully automatic. Description couponPHP is vulnerable to multiple Stored XSS and SQL Injection issues. Input passed via the parameters...

Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities

Summary This is a light weight CRM which simplifies process of managing staff, client and projects. Description Multiple stored XSS and CSRF vulnerabilities exist when parsing user input to several POST parameters. The application allows users to perform certain actions via HTTP requests without...

Asseco SEE iBank FX Client <= 2.0.9.3 Local Privilege Escalation Vulnerability

Summary FX Client is an offline application for e-banking that is intended only for legal entities. Description The application is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerabili...

NCH Software Inventoria 3.45 (id param) Reflected Cross-Site Scripting Vulnerability

Summary Inventoria is a business inventory management and stock control software that allows you to manage and monitor your inventory to help streamline your operations and boost profits. Description The application suffers from a reflected XSS issue due to a failure to properly sanitize...

NCH Software Express Burn Plus 4.68 EBP Project File Handling Buffer Overflow PoC

Summary Express Burn is a program that allows you to create and copy many kinds of disc media, including Audio audio CDs / .mp3 CDs, Video DVDs, and Data CDs / DVDs / Blu-ray. Description The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploit...

ACE Stream Media 2.1 (acestream://) Format String Exploit PoC

Summary Ace Stream is an innovative multimedia platform of a new generation, which includes different products and solutions for ordinary Internet users as well as for professional members of the multimedia market. Ace Stream uses in its core, P2P peer-to-peer technology, BitTorrent protocol, whi...

Huawei Technologies du Mobile Broadband 16.0 Local Privilege Escalation

Summary du Mobile Broadband is a shareware application for du EITC UAE users to support mobile broadband 3G activation for du service provider with systems containing one of the supported devices. It lets you access du wireless internet wherever you are and whenever you need it, all powered throu...

BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability

Summary BoxBilling is a free billing, invoicing & client management software. Description BoxBilling suffers from a stored cross-site scripting vulnerability. Input passed to the 'message' POST parameter thru the 'Notification Center' extension/module is not properly sanitised before being return...

Ametys CMS 3.5.2 (lang parameter) XPath Injection Vulnerability

Summary Ametys is a Java-based open source CMS combining rich content with an easy-to-use and intuitive interface. Description Input passed via the 'lang' POST parameter in the newsletter plugin is not properly sanitised before being used to construct a XPath query for XML data. This can be...

LimeSurvey v2.00+ (build 131107) Script Insertion And SQL Injection Vulnerability

Summary LimeSurvey formerly PHPSurveyor is a free and open source on-line survey application written in PHP based on a MySQL, PostgreSQL or MSSQL database, distributed under the GNU General Public License. As a web server-based software it enables users to develop and publish on-line surveys, and...

Practico 13.9 Multiple Vulnerabilities

Summary Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without programming knowledge. Description Practico suffers from multiple vulnerabilities including Cross-Site Scripting XSS, SQL Injection SQ...

ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit

Summary ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Description The vulnerability is caused due to the improper verification of uploaded files in '/ipcms/modules/developer/configexpimp/manager.php' script thru the 'manage' function...

ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability

Summary ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Description Input passed to the 'files0file' parameter in '/ipcms/modules/administrator/repository/controller.php' is not properly sanitised before being used to delete files. This c...

ImpressPages CMS v3.6 Multiple XSS/SQLi Vulnerabilities

Summary ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Description Input passed via several parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by...

Wordpress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability

Summary WooCommerce is an open source e-commerce plugin for WordPress. Description The plugin suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'hide-wc-extensions-message' parameter in the 'admin/woocommerce-admin-settings.php' script. Attackers can exploi...

TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability

Summary TeraCopy is designed to copy and move files at the maximum possible speed. It skips bad files during the copying process, and then displays them at the end of the transfer so that you can see which ones need attention. TeraCopy can automatically check the copied files for errors by...

Ovidentia 7.9.4 Multiple Remote Vulnerabilities

Summary Ovidentia is both a content management system CMS and a collaborative environment Groupware. Description Input passed via several parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting...

Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities

Summary Gnew is a simple Content Management System written with PHP language and using a database server MySQL, PostgreSQL or SQLite for storage. Description Input passed via several parameters is not properly sanitised before being returned to the user or used in SQL queries. This can be exploit...

MyBB 1.6.10 'url' Parameter Arbitrary Site Redirection Vulnerability

Summary MyBB, also known as MyBBoard or MyBulletinBoard, is a powerful, efficient, and free forum package, developed using PHP and MySQL. Description Input passed via the 'url' parameter in 'member.php' script is not properly verified before being used to redirect users. This can be exploited to...

Atlassian JIRA v6.0.3 Arbitrary HTML/Script Execution Vulnerability

Summary JIRA is an issue tracking project management software for teams planning, building, and launching great products. Description JIRA suffers from a reflected XSS issue due to a failure to properly sanitize user-supplied input to the 'name' GET parameter in the 'deleteuserconfirm.jsp' script...

FluxBB 1.5.3 Multiple Remote Vulnerabilities

Summary FluxBB is fast, light, user-friendly forum software for your website. Description FluxBB suffers from a cross-site scripting, cross-site request forgery and URL redirect vulnerability. The application allows users to perform certain actions via HTTP requests without performing any validit...

Windu CMS 2.2 CSRF Add Admin Exploit

Summary Windu CMS is a simple, lightweight and fun-to-use website content management software. Description Windu CMS suffers from a cross-site request forgery vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verif...

Windu CMS 2.2 Multiple Persistent Cross-Site Scripting Vulnerabilities

Summary Windu CMS is a simple, lightweight and fun-to-use website content management software. Description Multiple stored XSS vulnerabilities exist when parsing user input to the 'name' and 'username' POST parameters. Attackers can exploit these weaknesses to execute arbitrary HTML and script co...

Barracuda SSL VPN 680Vx 2.3.3.193 Multiple Script Injection Vulnerabilities

Summary The Barracuda SSL VPN is a powerful plug-and-play appliance purpose-built to provide remote users with secure access to internal network resources. Description Barracuda SSL VPN suffers from multiple stored XSS vulnerabilities when parsing user input to several parameters via POST method...

GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities

Summary GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was designed by Indepnet Association a non profit organisation in 2003. GLPI is a free asset and IT management software package, it also offers functionalities like servicedesk ITIL or...

GLPI v0.83.7 (itemtype) Parameter Traversal Arbitrary File Access Exploit

Summary GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was designed by Indepnet Association a non profit organisation in 2003. GLPI is a free asset and IT management software package, it also offers functionalities like servicedesk ITIL or...

Resin Application Server 4.0.36 Source Code Disclosure Vulnerability

Summary Resin is the Java Application Server for high traffic sites that require speed and scalability. It is one of the earliest Java Application Servers, and has stood the test of time due to engineering prowess. Description The vulnerability is caused do to an improper sanitization of the 'fil...