|
Serious Vulnerabilities In PhotoPost ReviewPost
|
January 2, 2022 |
|
Your community of users represents a wealth of knowledge. Now
your users can help build and maintain your site by writing
reviews of any product imaginable. With ReviewPost, you will
quickly amass a valuable collection of user opinions about
products that relate to your site. ReviewPost can even use
your existing forum login system (if you have one) to keep your
users from having to register twice, and makes an excellent
companion to ReviewPost. PhotoPost ReviewPost are vulnerable to cross site
scripting, SQL Injection, and Arbitrary File Upload. There is a new
version of the software available and users are encouraged to upgrade.
|
|
Read This Article
|
Article Read 471 Times |
|
Serious Vulnerabilities In PhotoPost Classifieds
|
January 1, 2022 |
|
Add a full-featured user-to-user classified ads system to your
website to connect buyers with sellers. No matter what your users
interestes may be, they likely want to buy and sell items related
to your site's topic, and PhotoPost Classifieds makes it easy.
PhotoPost Classifieds is designed to integrate seamlessly into
your current site design, and can even use your existing forum
user database (if you have one) for one central login. PhotoPost Classifieds are vulnerable to cross site scripting, SQL Injection, and Arbitrary File Upload. There is a new version of the software available and users are encouraged to upgrade.
|
|
Read This Article
|
Article Read 326 Times |
|
File Include Vulnerability In php-Calendar
|
December 29th, 2004 |
|
I was searching for a decent calendar which my group at school could
use to keep track of events, etc. We were previously using localendar,
which I didn't like and it had some problems. I found CST-Calendar which
did most of what I wanted, but was rather ugly and missed some features
others in the group wanted. So, I gradually re-wrote CST-Calendar since
that project seems to have stopped work entirely.
[ As quoted from their website ] This program includes several potentially
very dangerous file include vulnerabilities. Since php-calendar is an open
source calendar it has been said that some developers use the php-calendar
in their own projects, thus potentially making their applications vulnerable as well.
|
|
Read This Article
|
Article Read 729 Times |
|
Vulnerabilities In WHM Autopilot
|
December 27th, 2004 |
|
Started by a webhost looking for more out of a simple managment
script, Brandee Diggs (Owner of Spinn A Web Cafe, Founder of
Benchmark Designs) setout to build an internal management system
that could handle the day to day operations of a normal hosting
company. The key was to remove the need to constantly watch your
orders and manage the installs. Alas, WHM AutoPilot was born.
[ as quoted from their official website ] WHM Autopilot is vulnerable
to a number of vulnerabilities such as cross site scripting, file
inclusion, and information disclosure.
|
|
Read This Article
|
Article Read 668 Times |
|
Critical Vulnerability In Help Center Live
|
December 24th, 2004 |
|
Help Center Live is a `Live` help desk system written in PHP using a MySql database
backend that features Live Support, Trouble Tickets and FAQ within one project. This
is a very popular application, especially with webhosts and other services. There
lies two file include vulnerabilities (both remote and local) that could allow an
attacker to execute malicious server side code on your webserver. Aditionally a cross
site scripting issue was found in Help Center Live.
|
|
Read This Article
|
Article Read 894 Times |
|
