Search | Research | Contact Us Monday September 5, 2021
Languages
Most Viewed Items
  1 PHPXMLRPC Library Remote Code Execution
  2 Multiple Invision Power Board Vulnerabilities
  3 eBay And Amazon Still Vulnerable
  4 When Small Mistakes Can Cause Big Problems
  5 Woltlab Burning Board SQL Injection Vulnerability
  6 Multiple Vulnerabilities In phpWebsite
  7 XOOPS 2.0.11 && Earlier Multiple Vulnerabilities
  8 Critical Vulnerability In Help Center Live
  9 dbPowerAmp Buffer Overflow And DoS Vulnerabilities
10 Document Object Model Hijacking Explained
Need Secure Code?
Quick Search
You can use the form below to search our site. Just enter the keywords to search.
Home Services Archives Research Downloads Contact
Security Issues In CGINews And CGIForum December 14, 2021
CGINews and CGIForum are two fairly popular scripts by Markus Triska. CGINews is a multi-user Web site news posting system written in Perl. And CGIForum is A template based discussion board also written in Perl. However they both rely on a very weak encryption algorithm that can be decrypted easily. The author has no plans on switching to a more secure one way encryption, so if security is a concern try another forum system.
Read This Article Article Read 225 Times
osCommerce 2.2-MS1 SQL Injection Vulnerability December 12, 2021
osCommerce is one of the most popular Open Source e-commerce solutions in the world today. It comes with many out of the box features and is constantly being developed by the Open Source Community. Recently GulfTech Security Research has discovered an SQL Injection vuln in the create_account_process.php and the account_edit_process.php files. This vulnerability is present in osCommerce 2.2-MS1 but does not appear to be an issue in osCommerce 2.2-MS2. Advice to all osCommerce shop owners is to upgrade to the latest version of osCommerce by clicking here.
Read This Article Article Read 397 Times
Multiple Vulnerabilities In Snitz Forums 2000 June 16, 2022
Snitz forums is a full-featured UBB-style ASP discussion board application used by thousands of people across the web. Recently I found many serious vulnerabilities in this application that may allow an attacker to take over an entire Snitz forum. The vulnerabilities include cross site scripting issues, cookie authentication bypass vulnerability, and a password reset vulnerability. Users are encouraged to upgrade as soon as possible.
Read This Article Article Read 564 Times
Multiple Vulnerabilities In Max Web Portal June 06, 2022
MaxWebPortal is a web portal and online community system which includes advanced features such as web-based administration, poll, private/public events calendar, user customizable color themes, classifieds, user control panel, online pager, link, file, article, picture managers and much more. Easy-to-use and powerful user interface allows members to add news, content, write reviews and share information among other registered users. MaxWebPortal has multiple vulnerabilities which include cross site scripting, hidden form weaknesses, Database exposure, and a password reset vulnerability.
Read This Article Article Read 360 Times
QPC MegaBrowser Multiple Vulnerabilities June 04, 2022
QPC MegaBrowser is a webserver / FTP server in one. Aimed at home users and small business who would like to run their own FTP and HTTP servers. However it is vulnerable to a directory traversal vulnerability which allows access to any file on the system as well as directory viewing of the root web directory. There is also a user enumeration vulnerability in the FTP server that allows an attacker to enumerate valid usernames.
Read This Article Article Read 212 Times
Results 81 - 5 of 5 Results per-page: 5 | 10 | 20 | 50