Multiple Kayako eSupport Vulnerabilities	December 18, 2021
Kayako eSupport is one of the most feature packed support systems. This program is used by many online businesses and webhosts to help with technical support and other various support issues. This application is vulnerable to both Cross Site Scripting and SQL Injection vulnerabilities. The SQL Injection vulnerabilities are fairly serious and may allow for an attacker to influence SQL queries. Full details inside.
Read This Article	Article Read 1697 Times

Document Object Model Hijacking Explained	December 10, 2021
The 2004 Merriam-Webster word of the year was “blog�. For those of you that do not know, blog is short for weblog. Millions of people around the world keep blogs, and these people are not just limited to the tech savvy crowd. Blogs are not the only increasingly popular web applications though. Wiki’s for example allow many users to build an entire community and more by allowing anyone who wants to contribute, to do so. Security is usually a fairly primary concern in an environment with many users, and measures such as script filtering are taken to ensure that no one tries anything “bad�, and that if they do they are unsuccessful in their attempts. Unfortunately though, a good number of these applications are susceptible to Document Object Model Hijacking.
Read This Article	Article Read 5025 Times

Multiple phpGroupWare Vulnerabilities	December 14, 2021
phpGroupWare (formerly known as webdistro) is a multi-user groupware suite written in PHP. It provides a Web-based calendar, todo-list, addressbook, email, news headlines, and a file manager. The calendar supports repeating events. The email system supports inline graphics and file attachments. The system as a whole supports user preferences, themes, user permissions, multi-language support, an advanced API, and user groups. There have been a number of vulnerabilities found in phpGroupWare, including Cross Site Scripting, SQL Injection, and Full Path Disclosure. This application comes with some linux distributions, so check to see if you have it installed. The SQL Injection can be fairly critical.
Read This Article	Article Read 1916 Times

Multiple Vulnerabilities In SugarCRM	December 1, 2021
Sugar Sales Professional is the solution for companies who use Sugar Sales in a production environment for mission-critical sales knowledge management. Sugar Sales Professional is a visible source CRM application that offers more features than the open source application. It also includes support by SugarCRM staff. Sugar Sales Professional expands the open source application benefits so that your company experiences better performance, integration and support. Multiple vulnerabilities (some high risk) have been discovered in SugarCRM. A recet version was released recently, and was believed to include security fixes, but several of the vulnerabilities still exist in the recently released version 2.0
Read This Article	Article Read 2150 Times

dbPowerAmp Buffer Overflow And DoS Vulnerabilities	September 27, 2021
Often called the Swiss Army knife of audio, dMC can digitally rip sound from audio CDs to a multitude of formats. Convert from one format to another while preserving ID tags. Nearly every audio type is supported, including MP3, MP4, Windows Media Audio (WMA), OGG Vorbis, AAC, Monkey's Audio, and FLAC (with optional installs from Codec Central). For Windows Explorer integration, right-click Convert To to pop up useful information on audio files (such as bit rate and length). Record from LPs with an optional Auxiliary Input install. dBpowerAmp Audio Player (dAP) has a digital conditioning equalizer and an advanced music collection. It's skinnable and has a cross-fader, a playlist editor, and a tag editor. dAP plays MP3s, WMA, Ogg Vorbis, Monkeys Audio, Real Audio, WAV, MIDI, and many more. These programs are vulnerable to buffer overflow as well as denial of service vulnerabilities.
Read This Article	Article Read 3246 Times

Multiple Vulnerabilities In EmuLive Server4	September 20, 2021
Server4 is real-time media broadcasting software that works in conjunction with Emulive producer software to create digital television-like channels on the Internet. To web browsers, Server4 appears as a standard web server. Visitors to a Server4 system can browse and view available channels, chat with other users, remotely control cameras, remotely control devices, create user accounts, extend user accounts, purchase time and access controlled subscriptions, purchase one-to-one exclusive conferences, tip channel hosts, purchase additional time and more. Server4 is prone to unauthorized remote administrative access as well as a vulnerability that will allow an attacker to crash a Server4 instalattion remotely. Proof Of Concept code is included.
Read This Article	Article Read 1594 Times

When Small Mistakes Can Cause Big Problems	September 18, 2021
GulfTech Security Research was able to find in the past few weeks, cross site scripting issues that existed on eBay, Amazon, Half.com, HBO, CareerBuilder, AOL, CNN, MTV, and many others. The cross site scripting issues on these websites could allow an attacker to take control of arbitrary accounts, or steal sensitive info. Websites such as eBay, Amazon, and Half.com (for example) have fairly good Security when it comes to protecting their user’s accounts, but even they are vulnerable to data theft via these vulnerabilities. For example, it may be somewhat useless to steal a victim’s cookie, or try and render malicious code, or force command execution on a website with tight account security. So instead of relying on some great technological advantage an attacker could simply attempt to take advantage of the human element and have the victim simply give the attacker their account information. This can be done by using the cross site scripting vulnerabilities to temporarily deface a website. So, instead of rendering malicious code, or trying to steal a user’s cookie, the attacker can link to an offsite JavaScript, and have it render a login form using the vulnerable website’s own HTML and Style Sheet so that it looks nearly identical to the legitimate login form. Of course when a victim logs in to this form it actually just steals their login credentials. The attacker could also use the same methods of temporarily defacing the website to show someone a fictitious news story on a major news website.
Read This Article	Article Read 6954 Times

RhinoSoft DNS4ME HTTP Server Vulnerabilities	September 16, 2021
DNS4Me is the dynamic DNS service that you need to start hosting your own Internet services. When you have a dynamic IP address, you need something to associate a static domain name with it to make it easier for visitors to access the services you provide. With DNS4Me, you can take control of your Web site by running your own HTTP server. Without a hosting company, you've eliminated the cost of hosting as well as a layer of contact between you and your Web site. This gives you unparalleled control overits configuration, content, and delivery. But the benefits of dynamic DNS aren't just for HTTP servers. Any service that can make use of a domain name can benefit from DNS4Me. This includes FTP servers, e-mail servers, daemons for today's popular computer games, NetMeeting… With the reliability and excellent support you've come to expect of RhinoSoft.com backing up DNS4Me, you'll get a powerful, no hassle dynamic DNS solution. The RhinoSoft DNS4ME HTTP server is prone to multiple vulnerabilities, and users are encouraged to upgrade as soon as possible.
Read This Article	Article Read 1699 Times

Multiple Vulnerabilities In phpWebsite	August 31, 2021
phpWebSite provides a complete web site content management solution. All client output is valid XHTML 1.0 and meets the W3C's Web Accessibility Initiative requirements. Currently features: announcement posting, form generator, user management with granulated administration, calendar, poll, faq, photoalbum, bulletin board, rss feeds, user customizable theme support and more. It is one of the most popular content managment systems in the world. However, it is vulnerabile to a number of attacks, some of which allow an attacker to completely take control of a vulnerable phpWebsite installation. Other vulnerabilties in phpWebsite include script injection, SQL injection, forced command execution, and cross site scripting. A security update is available and all phpWebsite users should upgrade their installation as soon as possible.
Read This Article	Article Read 6025 Times

Multiple Vulnerabilities In Xedus Webserver	August 30, 2021
Xedus is a Peer-to-Peer web server and provides you with the ability to share files, music, and any other media, as well as create robust and dynamic web sites, which can feature database access, file system access, with full .net support. Powered by a built in server-side, Microsoft C#, scripting language; Xedus boasts the ability to create sites that can rival web applications built on any other enterprise servers like Apache, IIS, Iplanet… With Xedus, you will never need to pay to host your sites again. Using the peer-to-peer mode, other members of LIVE can access you site by keyword using Internet Explorer even if you do not have a static IP address! Xedus is prone to a number of vulnerabilities, which include Denial Of Service, Cross Site Scripting, and Directory Traversal attacks. These vulnerabilities can allow an attacker to retrieve arbitrary files from the host machine, as well as deny legitimate users access to the webserver.
Read This Article	Article Read 1156 Times

Keene Digital Media Server Directory Traversal	August 25, 2021
Keene Digital Media Server is an easy and affordable way to share all things digital with friends, family, and customers over your broadband connection. DMS turns your computer into a highly secure Web server that automatically converts your files and folders into Web pages, thumbnails, and media shows with no Web programming required. Integrated user and file access security management provide the ultimate control over your content. Keene Digital Media Server allows an attacker to traverse out of the web directory, and retrieve arbitrary files.
Read This Article	Article Read 1146 Times

Easy File Sharing Webserver v1.25 Vulnerabilities	August 24, 2021
Easy File Sharing Web Server is a file sharing software that allows visitors to upload/download files easily through a Web Browser (IE,Netscape,Opera etc.). It can help you share files with your friends and colleagues. They can download files from your computer or upload files from theirs. They will not be required to install this software or any other software because an internet browser is enough. Easy File Sharing Web Server also provides a Bulletin Board System (Forum). The Easy File Sharing Web Server is vulnerable to both Denial Of Service attacks, and unauthorized access to the virtual folders used by the webserver. These vulnerabilities could allow an attacker to crash/DoS the server, or gain read access to arbitrary folders on the server.
Read This Article	Article Read 2107 Times

Possible Security Issues In LiveWorld Products	August 23, 2021
LiveWorld provides collaborative services for online meetings, customer care, and loyalty marketing. Supporting communication between a company and its customers, employees, or partners and among those people themselves - our services help corporations cut costs, increase revenue, and solidify relationships with groups critical to their success. The affected products are beleived to be prone to Cross Site Scripting issues which allow a malicious user to steal sensitive data, temporarily deface a page, or render any malicious script in the context of the victim's browser. The software believed to be vulnerable is LiveForum, LiveQ&A;, and LiveFocusGroups. LiveWorld products are used on major websites such as HBO, eBay, and others.
Read This Article	Article Read 1726 Times

BadBlue Web Server Denial of Service Vulnerability	August 20, 2021
BadBlue lets you run a no-hassle Web site on your own PC for free, including a domain name you can choose. Within seconds, you can transform your PC into a friendly, file-sharing Web server with all the power of a real server on the Internet. Remote users can search for files, explore your shared folders, and run full-blown applications created in HTML, PHP, Perl, and so on. This HTTP server is vulnerable to a Denial of Service attack. This attack can take place when a malicious user makes a certain number of connections to the server. Included is proof of concept code.
Read This Article	Article Read 827 Times

SubScan 1.3 DNS Enumeration Utility Released	August 18, 2021
After a way too long awaited release SubScan 1.3 is here. It is a beta copy, but works. I call it a beta because right now it is only for the Windows OS. I plan changing this in the very near future, but until then the source is available if you want to make it better. Some of the new features in SubScan 1.3 are netblock scans, deep scan, and a wildcard DNS option that helps ignore duplicate records. The deep scan is my favorite feature of the new release, and allows for the enumaration of up to one hundred times more DNS records than in SubScan 1.2. If you have any questions about this release you can get them answered on our forums. Please read the README file before asking any questions though
Read This Article	Article Read 998 Times

Invision Power Board IP Spoofing Vulnerability	June 16, 2022
Invision Power Board (IPB) is a professional forum system that has been built from the ground up with speed and security in mind, taking advantage of object oriented code, highly-optimized SQL queries, and the fast PHP engine. A comprehensive administration control panel is included to help you keep your board running smoothly. Moderators will also enjoy the full range of options available to them via built-in tools and moderators control panel. Members will appreciate the ability to subscribe to topics, send private messages, and perform a host of other options through the user control panel. It is used by millions of people over the world. There lies a vulnerability in all version of Invision Power Board that allow a user to spoof his/her IP address by creating a bogus X_FORWARDED_FOR HTTP Header entry. This condition can also be caused by a user unknowingly if they use a proxy to access the internet. For example, private LAN based IP's will be logged which are impossible to trace.
Read This Article	Article Read 1484 Times

Multiple Vulnerabilities In PHPX 3.26 And Earlier	May 04, 2022
PHPX is a constantly evolving and changing Content Management System (CMS). PHPX is highly customizable and high powered all in one system. PHPX provides content management combined with the power of a portal by including in the core package modules such as FAQ, polls, and forums. PHPX uses dynamic-template-design, what this means is that you have the power to control what your site will look like. Themes are included, but not required. You can create the page however you want, and PHPX will just insert code where you want it. No more 3 columns if you don’t want it! Written in the powerful server language, PHP, and utilizing the amazingly fast and secure database MySQL, PHPX is a great solution for all size website communities, at the best price possible…free! Vulnerabilities are present in version(s) 3.2.6 and earlier and present themselves in the form of cross site scripting, path disclosure, and arbitrary command execution. Users are advised to upgrade immeadiately.
Read This Article	Article Read 889 Times

Multiple Vulnerabilities In OpenBB	April 24, 2022
OpenBB is a fast, lightweight, powerful bulletin board written in PHP/MySQL. Main features include: full customization via styles templates, instant messaging, private messaging, categories, member ranks, poll based threads, moderation, BB codes, thread notifications, Avatars, member lists, private forums and more. OpenBB is prone to several security issues such as SQL Injection, XSS, arbitrary command execution and more.
Read This Article	Article Read 1142 Times

phpBugTracker Multiple Vulnerabilities	April 14, 2022
phpBugTracker is meant to be a replacement for Bugzilla. Simplicity in use and installation, Use templates to achieve presentation independence, Use a database abstraction layer to achieve database independence. phpBugTracker is a portable and powerful web-based bug tracking system. It is vulnerable to several issues including XSS, SQL injection and Script Injection. These issues can be used to expose and alter database information.
Read This Article	Article Read 970 Times

Multiple Vulnerabilities in TikiWiki CMS Groupware	April 11, 2022
Tiki CMS/Groupware (aka TikiWiki) is a powerful open-source Content Management System (CMS) and Groupware that can be used to create all sorts of Web applications, Sites, Portals, Intranets and Extranets. TikiWiki also works great as a Web-based collaboration tool. TikiWiki is a multi-purpose package with a lot of native options and sections that you can enable/disable as you need them. It is designed to be international, clean and extensible. TikiWiki incorporates all the features present in several excellent wiki systems available today plus a lot of new features and options, allowing your wiki application to be whatever you want it to be--from a simple wiki to a complex site for a whole user community with many intermediate steps. You can use TikiWiki as a forums site, a chatroom, for poll taking, and much more! There lies a number of vulnerabilities in TikiWiki though. These vulnerabilities include SQL Injection, Directory Traversal, Information Disclosre, Arbitrary File Upload, XSS, Script Injection and more.
Read This Article	Article Read 1325 Times

PhotoPost PHP Pro Multiple Vulnerabilities	March 28, 2022
PhotoPost PHP Pro is a photo gallery script that allows users to share, upload and manage their photos. PhotoPost also integrates seamlessly into a number of large name forum systems such as Invision Power Board, phpBB, vBulletin, and many more. It is prone to a number of security issues which allow for attack on not only the PhotoPost installation, but also the forum it is integrated into. These vulnerabilities include SQL Injection, XSS, Denial Of Service and Script Injection. Most of the issues seem to be resolved in 4.7
Read This Article	Article Read 1002 Times

Invision Gallery SQL Injection Vulnerabilities	March 22, 2022
Invision Gallery is a fully featured, powerful gallery system that is easy and fun to use! It plugs right into your existing Invision Power Board to create a seamless browsing experience for the users of your forum. Unfortunately Invision Gallery comes up very short in regards to user supplied input validation. Because of this an attacker can influence queries, and even use these issues to launch an attack against the IPB instalattion on which the gallery resides.
Read This Article	Article Read 1134 Times

Invision Power Top Site List SQL Injection Vulnerability	March 21, 2022
Invision Power Top Site List is a flexible site ranking script written in PHP, the popular programming choice for web developers. Featuring an impressive feature set with a user-friendly interface your community will feel at home using the system. It is vulnerable to attack though through a fairly serious SQL Injection issue which may allow an attacker to query arbitrary information such as hashed admin credentials and more.
Read This Article	Article Read 849 Times

phpBB 2.0.7a And Earlier Security Issues	March 20, 2022
phpBB 2.0.7 and earlier have a number of security issues. One of these issues is SQL Injection and Cross Site Scripting in the admin panel. This is an issue that would take either admin access or a bit of social engineering for an attacker to use. But there is a far more serious problem in phpBB and that problem is lack of session authentication in certain parts of phpBB. This could allow for a malicious user to have an admin unknowingly execute undo-able actions in both the admin panel and the forum itself. This issue also affects users. Read this for more details.
Read This Article	Article Read 1745 Times

Mambo Open Source Multiple Vulnerabilities	March 16, 2022
Mambo Open Source is the finest open source Web Content Management System available today. Mambo Open Source makes communicating via the Web easy. Have you always wanted to have your own site but never understood how? Well Mambo Open Source is just the ticket! With Mambo Open Source there is no need for HTML, XML or DHTML skills, just enter your content, add a picture and then through the easy to use administrator web-interface ...click Publish! Simple ... Quick ... And easy! With the in-built editor Mambo Open Source allows you to design and create your content without the need for HTML code. Maintaining a website has never been easier. Mambo Open Source is vulnerable to several attacks including cross site scripting as well as SQL Injection vulnerabilities.
Read This Article	Article Read 1021 Times

Multiple JelSoft vBulletin XSS Vulnerabilities	March 15, 2022
JelSoft vBulletin is a powerful, scalable and fully customisable forums package for your web site. Based on the PHP language, and backed with a MySQL back-end database. It is one of the most popular forum systems in the world. It is also prone to several XSS (Cross Site Scripting) issues which may allow an attacker to disclose sensetive user information, and run code in the context of a victims web browser. Check the JelSoft website for any updates regarding this issue.
Read This Article	Article Read 1274 Times

Phorum 5.0.3 Beta And Earlier XSS Vulnerabilities	March 15, 2022
Phorum is a popular web based message board written in PHP. Phorum is designed with high availability and visitor ease of use in mind. Features such as mailing list integration, easy customization and simple installation make Phorum a powerful add-in to any website. There are a number of XSS (Cross Site Scripting) issues in forum which may allow an attacker or malicious user to run code or script in the context of a users browser which could result in credential disclosure, and more.
Read This Article	Article Read 837 Times

phpBB 2.0.6d && Earlier Security Issues	March 12, 2022
phpBB is a great forum system used by many millions of people. It is one of the more secure of the forum systems, but has a few issues still present; both of which allow for XSS (Cross Site Scripting). This problem presents itself in two different places. One of these places is viewtopic.php and the other is viewforum.php Shown are examples along with a brief explanation on how to replicate this issue. I have also released a fix, and will post official patch information as soon as it is made available. Thanks to the phpBB team for thier quick response!
Read This Article	Article Read 1135 Times

Non Critical Invision Power Board Vulnerabilities	March 02, 2022
This is being released in response to the "vulnerability" recently discovered in Invision Power Board as seen here. We found a very similar vulnerability at the end of last year while researching IPB, but did not report it publicly as we did not see it as exploitable. We recently contacted BugTraq about this but the message was never published or rejected. Long story short you can find details of this "vulnerability" within. Also in this post is a flaw we discovered late last year that discloses the installation path in Invision Power Board. Neither of these vulnerabilities are critical and webmasters need not be alarmed. Upgrade is advised though as soon as a fix is available.
Read This Article	Article Read 964 Times

Possible Credential Exposure In Trillian Pro v2.01	March 01, 2022
Trillian is a multinetwork chat client that currently supports mIRC, AIM, ICQ, MSN, and Yahoo Messenger. It supports docking, multiline edit boxes, buddy alerts, multiple connections to the same medium, a powerful skinning language, easy importing of your existing contacts, skinnable emoticons, logging, global away/invisible features, and a unified contact list. It has a direct connection for AIM, support for user profiles, complete type formatting, buddy icons, proxy support, emotisounds, encrypted instant messaging to ICQ and AIM, AIM group chats, and shell extensions for file transfers. Unfortunately the automated email checking feature in Trillian leaves behind user credintials in a temporary file. To make matters worse these credentials are stored in the temporary file in plaintext, and may be accessed by other users on the host, or network depending on user permissions.
Read This Article	Article Read 954 Times

Multiple Vulnerabilities In phpShop	January 15, 2022
phpShop is a PHP-based e-commerce application and PHP development framework. phpShop offers the basic features needed to run a successful e-commerce web site and to extend its capabilities for multiple purposes. phpShop uses a nice development framework that allows web developers to easily extend its functionality through the use of modules. Its web-box architecture makes it easy to understand and work with, while providing powerful function management capabilities for your web application needs. It is one of the most popular php SQL driven e-commerce solutions available today. There are several vulnerabilities present in phpShop. The vulnerabilities are believed to affect all versions of phpShop currently distributed, and include SQL Injection, Arbitrary Customer Information Disclosure, Cross Site Scripting, and Script Injection. A fix for these vulnerabilities should be available shortly. Please visit the official phpShop website for more details as they are made available.
Read This Article	Article Read 1104 Times

Multiple Vulnerabilities In phpGedView	January 13, 2022
The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in a format similar to PAF. It is one of the top 10 most popular projects at SourceForge. However, in addition to the vulnerabilities found by Vietnamese Security Group last week in phpGedView, GulfTech Security Research has also found a number of vulnerabilities which are now fixed in the latest beta release. These issues include SQL injection vulnerabilities, path disclosure vulnerabilities, cross site scriting vulnerabilities, and a denial of service vulnerability. Users are strongly encouraged to upgrade.
Read This Article	Article Read 910 Times

Multiple MetaDot Vulnerabilities Found	January 12, 2022
MetaDot is a very popular Open Source portal application written in Perl and powered by MySql. It's users range from home users to the likes of governments, banks, universities and even NASA ;) It has been found to be prone to SQL Injection, and XSS attacks due to not properl validating the user supplied input that it receives. It also divulges a great deal of information about it's host when calling certain invalid arguments. These vulnerabilities are believed to affect all versions including 5.6.5.4b5 and below. The MetaDot Corporation team has addresses the issues in the latest version though, and users are strongly encouraged to upgrade as soon as possible.
Read This Article	Article Read 867 Times

Vulnerabilities In PostNuke 0.726 Phoenix	January 03, 2022
PostNuke is a popular Open Source CMS (Content Management System) used by millions of people all across the world. GulfTech Security Research has recendly found a couple of vulnerabilities in the popular open source CMS (Content Managment System) PostNuke. Versions affected are 0.726 Phoenix and though not confirmed older versions may be affected as well. These vulnerabilities have been resolved by the developers very promptly and a patch is available at the official PostNuke website. The vulnerabilities discovered are SQL Injection and Cross Site Scripting. More details of the vulnerabilities available .
Read This Article	Article Read 803 Times

Multiple osCommerce Vulnerabilities	December 22, 2021
GulfTech Security Research has found yet more vulnerabilities in the popular ecommerce product osCommerce. These vulnerabilities include SQL Injection, Denial Of Service, and Cross Site Scripting. While there has been several vulnerabilities found in this product by us lately, I would like to point out that these finds only make for a more secure product. I do think that the next release of osCommerce (MS3) will be one of the most secure ecommerce products around. The osCommerce development team have been prompt in resolving these issues. Anyway, check out the full detailed report inside and the osCommerce website for a fix :o)
Read This Article	Article Read 2145 Times

Multiple vulnerabilities in ASPapp Products	December 18, 2021
ASPapp offers a wide range of web applications written in .asp Amongst them is the fairly popular AspApp Portal. Several of these products have very weak security and can allow an attacker to completely take over an affected portal or site running the vulnerable software. The vulnerabilities include Script Injection, Account Hijacking, Privilege Escalation, Cross Site Scripting, and Plaintext Authentication Credentials.
Read This Article	Article Read 729 Times

Autorank PHP SQL Injection Vulnerability	December 18, 2021
Autorank PHP is a widely used topsite script offered by JMB Software. It is vulnerable to SQL Injection attacks in the "accounts.php" file. These vulnerabilities can be exploited by a malicious user via the lost password form, account edit form, or the registration form. The vulnerabilities leave user accounts open to compromise as well as the entire database that is being used for a particular top site.
Read This Article	Article Read 915 Times

osCommerce Malformed Session ID XSS Vulnerability	December 17, 2021
osCommerce is a very powerful open source e-commerce solution. It has been found however to be vulnerable to an XSS vuln due to the session id parameter not being properly sanitized. This seems to take place only over a secure, SSL connection, however it is believed to affect even regular http connections in the current CVS version. In some cases (namely the CVS version) the full path of the web directory may also be exposed when exploiting this vulnerability.
Read This Article	Article Read 918 Times

Multiple Vulnerabilities In Aardvark Topsites	December 16, 2021
Aardvark Topsites is a very powerful, and popular Topsites Ranking web application. Versions prior to 4.1.1 are vulnerable to a number of issues though. These issues include SQL Injection, Path Disclosure, Plaintext Weaknesses, and information disclosure vulnerabilities. You can update your Aardvark Topsite at the official download site. All users should upgrade as soon as possible.
Read This Article	Article Read 769 Times

Invision Power Board SQL Injection Vulnerability	December 16, 2021
Invision Power Board is one of the most popular and powerful forums available today. It is used by millions of people worldwide and businesses alike. There is however an SQL Injection vulnerability that affects ALL versions (even the non public releases). The people at Invision power were very prompt and professional in addressing the issue and there is now an available fix less than a week after I discovered the vulnerability. Details and a link to the fix are available in the report by GulfTech Security Research.
Read This Article	Article Read 1139 Times

Invision Power Top Site List SQL Injection	December 15, 2021
Invision Power Top Site List is a flexible site ranking script written in PHP. Featuring an impressive feature set with a user-friendly interface. However It is vulnerable to SQL injection. This flaw is hard to exploit, thus it will not be addressed until the next release of the Invision Power Top Site List. No patches or immediate upgrade will be released.
Read This Article	Article Read 709 Times

Multiple Vulnerabilities In DU Ware Products	December 15, 2021
DU Ware are a company that offers a very large number of web based applications for both purchase and free download. Their products are vulnerable to a substantial number of attacks, and contain many weaknesses. This includes but is not limited to: Account HiJacking, Code Execution, Arbitrary File Upload, Privilege Escalation and more. There are currently no fixes for these issues, and no patches will be issued. I guess thier customers will have to wait til the new software versions to have thier data and servers be secure.
Read This Article	Article Read 750 Times

Security Issues In CGINews And CGIForum	December 14, 2021
CGINews and CGIForum are two fairly popular scripts by Markus Triska. CGINews is a multi-user Web site news posting system written in Perl. And CGIForum is A template based discussion board also written in Perl. However they both rely on a very weak encryption algorithm that can be decrypted easily. The author has no plans on switching to a more secure one way encryption, so if security is a concern try another forum system.
Read This Article	Article Read 791 Times

osCommerce 2.2-MS1 SQL Injection Vulnerability	December 12, 2021
osCommerce is one of the most popular Open Source e-commerce solutions in the world today. It comes with many out of the box features and is constantly being developed by the Open Source Community. Recently GulfTech Security Research has discovered an SQL Injection vuln in the create_account_process.php and the account_edit_process.php files. This vulnerability is present in osCommerce 2.2-MS1 but does not appear to be an issue in osCommerce 2.2-MS2. Advice to all osCommerce shop owners is to upgrade to the latest version of osCommerce by clicking here.
Read This Article	Article Read 1364 Times

Multiple Vulnerabilities In Snitz Forums 2000	June 16, 2022
Snitz forums is a full-featured UBB-style ASP discussion board application used by thousands of people across the web. Recently I found many serious vulnerabilities in this application that may allow an attacker to take over an entire Snitz forum. The vulnerabilities include cross site scripting issues, cookie authentication bypass vulnerability, and a password reset vulnerability. Users are encouraged to upgrade as soon as possible.
Read This Article	Article Read 1365 Times

Multiple Vulnerabilities In Max Web Portal	June 06, 2022
MaxWebPortal is a web portal and online community system which includes advanced features such as web-based administration, poll, private/public events calendar, user customizable color themes, classifieds, user control panel, online pager, link, file, article, picture managers and much more. Easy-to-use and powerful user interface allows members to add news, content, write reviews and share information among other registered users. MaxWebPortal has multiple vulnerabilities which include cross site scripting, hidden form weaknesses, Database exposure, and a password reset vulnerability.
Read This Article	Article Read 1034 Times

QPC MegaBrowser Multiple Vulnerabilities	June 04, 2022
QPC MegaBrowser is a webserver / FTP server in one. Aimed at home users and small business who would like to run their own FTP and HTTP servers. However it is vulnerable to a directory traversal vulnerability which allows access to any file on the system as well as directory viewing of the root web directory. There is also a user enumeration vulnerability in the FTP server that allows an attacker to enumerate valid usernames.
Read This Article	Article Read 642 Times

Vulns In Pablo Software Solutions FTP Service 1.2	June 03, 2022
FTPService.exe is a service-version of Pablo's FTP Server. This service enables you to have the Pablo FTP server active even when you're not logged into Windows. By default this application is totally open to compromise, and also leaves the users machine open to attacks by allowing access to any file in the C drive. This can be prevented by changing privileges of, or disabling access to the anonymous account. The passwords for Pablo FTP Service are also stored in plaintext, which can definitely be a big threat if the default anonymous account is enabled.
Read This Article	Article Read 789 Times

WinMX Plaintext Password Vulnerabilities	June 02, 2022
WinMX 2.6 is an older version of the popular file sharing client WinMX. While the current version is 3.31, 2.6 still remains quite popular. Especially amongst users on private networks. I believe this is largely due to the fact that 2.6 does not have the option to output .wsx file (WinMX server list files) This helps keep the addresses for private OpenNap servers out of the hands of uninvited users (amongst other reasons). The problems with WinMX 2.6 is that it provides pretty much NO password protection. This can be exploited both locally and remotely. Again, I think all of us have seen the bad habit that most people have of using the same password for multiple accounts etc etc.
Read This Article	Article Read 1569 Times

Vulnerabilities In P-Synch Password Management	May 30, 2022
P-Synch is a total password management solution. It is intended to reduce the cost of ownership of password systems, and simultaneously improve the security of password protected systems. This is done through: Password Synchronization. Enforcing an enterprise wide password strength policy. Allowing authenticated users to reset their own forgotten passwords and enable their locked out accounts. Streamlining help desk call resolution for password resets. P-Synch is available for both internal use, on the corporate Intranet, as well as for the Internet deployment in B2B and B2C applications. There are a few vulnerabilities in P-Synch such as path disclosure, cross site scripting, and arbitrary file inclusion. Users should upgrade immediately.
Read This Article	Article Read 802 Times