|
Search
|
|
You can use the form below to search our site. Just enter the
keywords to search.
|
|
 |
|
Invision Power Board SQL Injection Vulnerability
|
December 16, 2021 |
|
Invision Power Board is one of the most popular and powerful forums available today. It is used by millions of people worldwide and businesses alike. There is however an SQL Injection vulnerability that affects ALL versions (even the non public releases). The people at Invision power were very prompt and professional in addressing the issue and there is now an available fix less than a week after I discovered the vulnerability. Details and a link to the fix are available in the report by GulfTech Security Research.
|
|
Read This Article
|
Article Read 220 Times |
|
Invision Power Top Site List SQL Injection
|
December 15, 2021 |
|
Invision Power Top Site List is a flexible site ranking script written in PHP. Featuring an impressive feature set with a user-friendly interface. However It is vulnerable to SQL injection. This flaw is hard to exploit, thus it will not be addressed until the next release of the Invision Power Top Site List. No patches or immediate upgrade will be released.
|
|
Read This Article
|
Article Read 126 Times |
|
Multiple Vulnerabilities In DU Ware Products
|
December 15, 2021 |
|
DU Ware are a company that offers a very large number of web based applications for both purchase and free download. Their products are vulnerable to a substantial number of attacks, and contain many weaknesses. This includes but is not limited to: Account HiJacking, Code Execution, Arbitrary File Upload, Privilege Escalation and more. There are currently no fixes for these issues, and no patches will be issued. I guess thier customers will have to wait til the new software versions to have thier data and servers be secure.
|
|
Read This Article
|
Article Read 140 Times |
|
Security Issues In CGINews And CGIForum
|
December 14, 2021 |
|
CGINews and CGIForum are two fairly popular scripts by Markus Triska.
CGINews is a multi-user Web site news posting system written in Perl.
And CGIForum is A template based discussion board also written in Perl.
However they both rely on a very weak encryption algorithm that can be
decrypted easily. The author has no plans on switching to a more secure
one way encryption, so if security is a concern try another forum system.
|
|
Read This Article
|
Article Read 129 Times |
|
osCommerce 2.2-MS1 SQL Injection Vulnerability
|
December 12, 2021 |
|
osCommerce is one of the most popular Open Source e-commerce solutions in the world today.
It comes with many out of the box features and is constantly being developed by the Open
Source Community. Recently GulfTech Security Research has discovered an SQL Injection vuln
in the create_account_process.php and the account_edit_process.php files. This vulnerability
is present in osCommerce 2.2-MS1 but does not appear to be an issue in osCommerce 2.2-MS2.
Advice to all osCommerce shop owners is to upgrade to the latest version of osCommerce by
clicking here.
|
|
Read This Article
|
Article Read 200 Times |
|
Multiple Vulnerabilities In Snitz Forums 2000
|
June 16, 2022 |
|
Snitz forums is a full-featured UBB-style ASP discussion
board application used by thousands of people across the
web. Recently I found many serious vulnerabilities in this
application that may allow an attacker to take over an
entire Snitz forum. The vulnerabilities include cross
site scripting issues, cookie authentication bypass
vulnerability, and a password reset vulnerability. Users
are encouraged to upgrade as soon as possible.
|
|
Read This Article
|
Article Read 167 Times |
|
Multiple Vulnerabilities In Max Web Portal
|
June 06, 2022 |
|
MaxWebPortal is a web portal and online community
system which includes advanced features such as
web-based administration, poll, private/public
events calendar, user customizable color themes,
classifieds, user control panel, online pager,
link, file, article, picture managers and much
more. Easy-to-use and powerful user interface
allows members to add news, content, write
reviews and share information among other
registered users. MaxWebPortal has multiple
vulnerabilities which include cross site
scripting, hidden form weaknesses, Database
exposure, and a password reset vulnerability.
|
|
Read This Article
|
Article Read 183 Times |
|
QPC MegaBrowser Multiple Vulnerabilities
|
June 04, 2022 |
|
QPC MegaBrowser is a webserver / FTP server in one.
Aimed at home users and small business who would like
to run their own FTP and HTTP servers. However it is
vulnerable to a directory traversal vulnerability
which allows access to any file on the system as well
as directory viewing of the root web directory. There
is also a user enumeration vulnerability in the FTP
server that allows an attacker to enumerate valid
usernames.
|
|
Read This Article
|
Article Read 115 Times |
|
Vulns In Pablo Software Solutions FTP Service 1.2
|
June 03, 2022 |
|
FTPService.exe is a service-version of Pablo's FTP Server. This service enables you to have the Pablo FTP server active even when you're not logged into Windows. By default this application is totally open to compromise, and also leaves the users machine open to attacks by allowing access to any file in the C drive. This can be prevented by changing privileges of, or disabling access to the anonymous account. The passwords for Pablo FTP Service are also stored in plaintext, which can definitely be a big threat if the default anonymous account is enabled.
|
|
Read This Article
|
Article Read 141 Times |
|
WinMX Plaintext Password Vulnerabilities
|
June 02, 2022 |
|
WinMX 2.6 is an older version of the popular file
sharing client WinMX. While the current version is
3.31, 2.6 still remains quite popular. Especially
amongst users on private networks. I believe this
is largely due to the fact that 2.6 does not have
the option to output .wsx file (WinMX server list
files) This helps keep the addresses for private
OpenNap servers out of the hands of uninvited users
(amongst other reasons). The problems with WinMX 2.6
is that it provides pretty much NO password protection.
This can be exploited both locally and remotely. Again,
I think all of us have seen the bad habit that most
people have of using the same password for multiple
accounts etc etc.
|
|
Read This Article
|
Article Read 316 Times |
|
Vulnerabilities In P-Synch Password Management
|
May 30, 2022 |
|
P-Synch is a total password management solution. It is intended to
reduce the cost of ownership of password systems, and simultaneously
improve the security of password protected systems. This is done
through: Password Synchronization. Enforcing an enterprise wide
password strength policy. Allowing authenticated users to reset their
own forgotten passwords and enable their locked out accounts.
Streamlining help desk call resolution for password resets. P-Synch is
available for both internal use, on the corporate Intranet, as well as
for the Internet deployment in B2B and B2C applications. There are a few
vulnerabilities in P-Synch such as path disclosure, cross site scripting,
and arbitrary file inclusion. Users should upgrade immediately.
|
|
Read This Article
|
Article Read 133 Times |
|
SubScan 1.2 DNS Discovery Utility Released
|
May 25, 2022 |
|
SubScan is a DNS utility that i built for myself and decided
to share it with the public. Any of you who have used the
earlier versions should know that this version is COMPLETELY
different. It's almost a completely different program, but
accomplishes the same thing really. Here are some things that
are new and improved in SubScan 1.2 If you have any comments,
questions, or need help or anything else feel free to ask on
the forums. Be sure to check out the readme file first though,
as it might just have the answer you are looking for. Anyone
using the contact forms for tech questions will be ignored.
|
|
Read This Article
|
Article Read 72 Times |
|
IISamDiscover And IISamCrack Now Available
|
May 02, 2022 |
|
Recently I noticed that the Microsoft IIS Accounts Manager could be
used to verify accounts much like the VRFY and EXPN commands with
sendmail. Turns out that David Lichtfield discovered this vuln years
earlier, but I don't think it was ever an official BID until I posted
the issue to BugTraq. Anyway, below is a link to the example code that
I wrote. The versions posted at BugTraq are the same, but the formatting
got completely trashed. IISamCrack attempts to enumerate weak passwords
using a dictionary style attck on the Microsoft IIS Accounts Manager.
IISamDiscover uses the Accounts Manager User Existence Disclosure
Vulnerability to confirm or deny the exsistance of a user on the
machine using a list of probable usernames.
|
|
Read This Article
|
Article Read 75 Times |
|
Invision Board Plaintext Password Vulnerability
|
April 25, 2022 |
|
Invision Board has been stores restricted forum credentials as plain text
embedded in cookie data. These are the forums where you need a password to
get access into the forum. If the Invision Board admin 'pass protected'
option is activated for a specific forum, on attempted access to the
controlled area, the restricted forum password is stored as plaintext in a
local cookie. This is dangerous because if an attacker can steal the legit
users cookie via cross site scripting or some other method, then they can
gain access to the restricted forum(s). This vulnerability affects all
versions of Invision Power Board. Users should under no circumstances
disclose any sensitive or personal information on these "restricted" forums,
as they are not secure and prone to attack.
|
|
Read This Article
|
Article Read 155 Times |
|
JpegX Password Bypass Vulnerability
|
April 20, 2022 |
|
Jpegx is a modern day application of steganography. It will
encrypt and hide messages in jpeg files to provide ample medium
for sending secure information. The images remain visually
unchanged but the code inside is altered to hide your message.
Anyone with the Jpegx program could read your message as long
as they know the password that you encrypted it with. There lies
a vulnerability that allows the password feature to be pretty
much useless, as it will accept any password. Users should upgrade
immediately.
|
|
Read This Article
|
Article Read 514 Times |
|
Multiple Vulnerabilities In PHP Links
|
January 17, 2022 |
|
phpLinks is an open source free PHP script. phpLinks
allows you to run a very powerful link farm or search
engine. phpLinks has multilevel site categorization,
infinite threaded search capabilities and more. phpLinks
is prone to HTML injection due to a vulnerability in
the search feature. Search queries are not sufficiently
sanitized of HTML and script code. These search queries
may potentially be displayed to other users when the
most popular searches are viewed. If an attacker
includes malicious HTML or script code in these queries,
it is possible that the attacker-supplied code may be
rendered in the web client software of other users. This
is just one of several code injection issues in phpLinks.
|
|
Read This Article
|
Article Read 137 Times |
|
Vulnerabilities In PHP Topsites
|
January 13, 2022 |
|
PHP TopSites is a PHP/MySQL-based customizable TopList script.
Main features include: Easy configuration config file; MySQL
database backend; unlimited categories, Site rating on incoming
votes; Special Rating from Webmaster; anti-cheating gateway;
Random link; Lost password function; Webmaster Site-approval;
Edit site; ProcessingTime display; Cookies Anti-Cheating; Site
Reviews; Linux Cron Free; Frame Protection and much more. We
have discovered this application has several vulnerabilities.
These vulnerabilities include, but are not limited to: Cross
Site Scripting vulnerabilities, SQL Injection, Script Injection,
and Plaintext password weakness. Users are advised to upgrade
immediately. The most recent version of iTop PHP Topsites can
be found at thier official website.
|
|
Read This Article
|
Article Read 177 Times |
|
|
