Mambo Authentication Bypass October 4, 2021
Mambo is a popular Open Source Content Management System released under the GNU General Public License (GNU GPL). Unfortunately there are some serious flaws in Mambo's login feature that allow for authentication bypass. This can be used to access arbitrary accounts and, worse, can eventually be used to install harmful modules and execute arbitrary PHP code on the server running Mambo. The Mambo team have committed fixes for these issues to SVN, and patches are available from the official Mambo website. Users are encouraged to patch the vulnerable functionality or update their Mambo installation as soon as possible.
HAMweather Remote Code Execution September 30, 2021
HAMweather is a popular weather forecasting package that allows webmasters to display detailed weather forecasts and statistics on their websites. Unfortunately some of the features within HAMweather allow an attacker to inject arbitrary PHP into the application and successfully execute arbitrary code. Also, because the magic_quotes_gpc and register_globals settings are irrelevant when exploiting this issue, it is that much easier for an attacker to get a remote shell on the host and possibly mount further attacks on the underlying server. An updated version of HAMweather has been released and all users are encouraged to upgrade as soon as possible.
CakePHP Framework Arbitrary File Access September 21, 2021
CakePHP is a RAD (Rapid Application Development) framework for PHP which uses commonly known design patterns such as ActiveRecord, Association Data Mapping, Front Controller and MVC. Unfortunately CakePHP is vulnerable to an arbitrary file access vulnerability due to unsafe use of the readfile function, which allows an attacker to read any file on the system that the webserver has read access to. This could be used to read password files, sensitive configuration data, etc. An updated version of CakePHP has been released and users are encouraged to upgrade their CakePHP installations as soon as possible.
X-Cart Arbitrary Code Execution September 18, 2021
X-Cart is a commercial web based eCommerce solution written in PHP and MySQL that allows webmasters to host an online marketplace. Unfortunately an attacker may be able to execute arbitrary PHP code on an X-Cart installation by overwriting key configuration variables. Moreover, because the vulnerability allows any variable to be overwritten, other attacks such as SQL Injection are probably possible as well. Qualiteam have released an updated version of their X-Cart software, and users are strongly encouraged to upgrade as soon as possible or delete the cmpi.php script that resides within the payments directory.
Claroline Arbitrary File Inclusion September 14, 2021
Claroline is a popular Open Source online e-Learning application that allows teachers or educational organizations to create and administer courses through the web. Claroline is also used as the framework for other e-Learning applications such as Dokeos. Unfortunately Claroline is vulnerable to a file inclusion issue when register_globals is on, which may allow an attacker to read or execute arbitrary files. Some frameworks that use Claroline (such as Dokeos) are also vulnerable to the issues mentioned here. An updated version of Claroline has been released; users should upgrade immediately and disable register_globals if possible.
CubeCart Multiple Vulnerabilities August 28, 2021
CubeCart is a very popular web application written in PHP that allows an individual to open up a fully functioning online ecommerce service. Unfortunately CubeCart is vulnerable to Cross Site Scripting attacks, SQL Injection attacks, and possible remote code execution due to an attacker being able to include arbitrary PHP code. An updated version of CubeCart has been released and all users are encouraged to upgrade as soon as possible.
osCommerce Multiple Vulnerabilities August 17, 2021
osCommerce is one of the most popular open source ecommerce web applications ever written. osCommerce allows webmasters to open a fully functioning online marketplace with little effort. Unfortunately there have been several new vulnerabilities discovered in the latest versions of osCommerce. These issues may allow for an attacker to gather arbitrary information from the database such as credit card information, user login information, or personal information. There are also issues with some of osCommerce's file handling functionality that may allow an attacker to gain access to sensitive data. The osCommerce team have released updates to address these vulnerabilities and all users are encouraged to upgrade their osCommerce installations as soon as possible.
Zen Cart Multiple Vulnerabilities August 15, 2021
Zen Cart is a descendant of the popular osCommerce project, and like osCommerce, Zen Cart is one of the most popular open source ecommerce systems in the world. Unfortunately Zen Cart is vulnerable to quite a number of different attacks, and in some circumstances may allow an attacker to execute arbitrary code on the underlying web server with the rights of the httpd process. In addition to remote code execution, several different SQL Injection attacks may be possible. The Zen Cart developers have committed fixes for these issues to CVS and an updated version of Zen Cart will be released soon to address the issues. All users should upgrade their Zen Cart installation as soon as possible.
SquirrelMail Arbitrary Variable Overwriting August 11, 2021
SquirrelMail is a standards-based webmail package written in PHP. It includes built-in pure PHP support for the IMAP and SMTP protocols. Unfortunately there is a fairly serious variable handling issue in one of the core SquirrelMail scripts that can allow an attacker to take control of variables used within the script, and to influence functions and actions within the script. This is due to the unsafe handling of "expired sessions" when composing a message. An updated version of SquirrelMail can be downloaded from the official website. Users are advised to update their SquirrelMail installations as soon as possible.
PHPLib Remote Code Execution March 5, 2022
The PHP Base Library, aka PHPLib, is a toolkit for PHP developers supporting them in the development of Web applications. The PHPLib codebase can be found in a number of applications available today. Unfortunately some of the session emulation code is vulnerable to SQL Injection issues that, in a worst case scenario, can lead to remote code execution by using UNION to select arbitrary PHP code into an eval call. A new version of PHPLib has been released and users should upgrade their PHPLib libraries as soon as possible.