GulfTech Research And Development

Search | Research | Contact Us

Tuesday October 10, 2021

Languages

Most Viewed Items

1	PHPXMLRPC Library Remote Code Execution
2	XOOPS 2.0.11 && Earlier Multiple Vulnerabilities
3	Multiple Invision Power Board Vulnerabilities
4	Mambo Multiple Vulnerabilities
5	eBay And Amazon Still Vulnerable
6	PEAR XML_RPC Library Remote Code Execution
7	When Small Mistakes Can Cause Big Problems
8	Woltlab Burning Board SQL Injection Vulnerability
9	WordPress 1.5.1.2 And Earlier Multiple Vulnerabilities
10	MySQL Eventum Multiple Vulnerabilities

Need Secure Code?

Developers, are you concerned with the security of your product? We offer a wide range of security assessment programs that are specifically aimed at making the security of your web applications above and beyond that of your competition, as well as most of the web applications available today. Our rates are very affordable, and our programs are among the most flexible. Don't put something as important as the security of your information in the hands of amateurs, you can't afford to. Contact us today for a free service estimate and consultation.

Quick Search

You can use the form below to search our site. Just enter the keywords to search.

Back 1 2 3 4 5 6 7 8 9 10 11 - Next	Results per-page: 5 \| 10 \| 20 \| 50
Results 31 - 40 of 109	Page 4 of 11

Title	WordPress 1.5.1.2 And Earlier Multiple Vulnerabilities
Info	WordPress is a very popular personal publishing platform aka blog software, and is used by everyone from celebrities, to government officials, to non technical average joe's. There are a number of vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system. These vulnerabilities include SQL Injection, Cross Site Scripting, and also issues that may aid an attacker in social engineering. An updated version of WordPress is available and users are strongly advised to.
Date	June 28, 2022
BID	Not Available
Credit	James Bercegay

Title	Infopop UBB Threads Multiple Vulnerabilities
Info	UBB Threads is a very popular forum system developed by Infopop. There are a number of vulnerabilities in UBB Threads that may allow an attacker to execute cross site scripting, http response splitting, and cross site request forgery attacks. Also, an attacker may include, execute, or read arbitrary local files. These vulnerabilities may allow for an attacker to completely compromise an installation of UBB Threads and possibly more. Users are encouraged to upgrade as soon as possible to the latest UBB Threads release.
Date	June 23, 2022
BID	Not Available
Credit	James Bercegay

Title	paFaq Multiple Vulnerabilities
Info	paFAQ is a FAQ/Knowledge base system that allows webmasters to keep an organized database of Frequently Asked Questions; a Knowledge Database for problems and solutions. There are a number of vulnerabilities in paFaq. These vulnerabilities include arbitrary unauthorized access to the entire paFaq database, as well as admin authentication bypass, sql injection, arbitrary code execution and cross site scripting. An attacker can gain a remote shell on a vulnerable system using these vulnerabilities.
Date	June 20, 2022
BID	Not Available
Credit	James Bercegay

Title	paFileDB Multiple Vulnerabilities
Info	paFileDB is a popular open source web application offered by php Arena. paFileDB allows webmasters to open up an interactive file repository on their website. There are a number of vulnerabilities in paFileDB that may allow for an attacker to include arbitrary files, retrieve sensitive user and/or database information, and completely bypass admin, and team member authentication. Users should upgrade immediately.
Date	June 14, 2022
BID	Not Available
Credit	James Bercegay

Title	FusionBB Multiple Vulnerabilities
Info	FusionBB is a popular online message board written in php and developed by InteractivePHP, INC. There are several vulnerabilities in FusionBB such as SQL Injection and Arbitrary Local File Inclusion. These issues could allow for an attacker to execute arbitrary scripts residing on the web server, retrieve sensitive data from the underlying database, or bypass the FusionBB authentication mechanisms.
Date	June 13, 2022
BID	Not Available
Credit	James Bercegay

Title	osCommerce HTTP Response Splitting
Info	osCommerce is a very popular eCommerce application that allows for individuals to host their own online shop. All current versions of osCommerce are vulnerable to HTTP Response Splitting. These HTTP Response Splitting vulnerabilities may allow for an attacker to steal sensitive user information, or cause temporary web site defacement. The suggested fix for this issue is to make sure that CRLF sequences are not passed to the application.
Date	June 10, 2022
BID	Not Available
Credit	James Bercegay

Title	Invision Gallery Vulnerabilities
Info	Invision Gallery is a community based gallery software that can be integrated into Invision Power Board. There are several security issues in Invision Gallery that may allow for an attacker to force a user into unknowingly / unwillingly perform actions on behalf of an attacker, or an attacker may influence SQL queries and retrieve sensitive information contained within the underlying database. An upgrade has been released for several weeks now and all users should upgrade their gallery installations as soon as possible.
Date	June 09, 2022
BID	Not Available
Credit	James Bercegay

Title	Invision Community Blog Vulnerabilities
Info	Invision Blog is a community based blogging software that can be integrated into Invision Power Board. There are several dangerous SQL Injection vulnerabilities, as well as a cross site scripting vulnerability. These vulnerabilities could allow for an attacker to gain access to sensitive data such as password information and render hostile script in the context of a victims browser which could lead to disclosure of sensitive data such as cookie data.
Date	June 07, 2022
BID	Not Available
Credit	James Bercegay

Title	Format String Vulnerability In Peercast
Info	Peercast is a popular p2p streaming media server (similar to shoutcast). There is a serious security issue in peercast versions 0.1211 and earlier that may allow for an attacker to execute arbitrary code on the remote target with the privileges of the user running peercast (usually administrator) or crash the vulnerable server. There is an updated version of peercast available and all users should upgrade as soon as possible.
Date	May 28, 2022
BID	Not Available
Credit	James Bercegay

Title	Help Center Live Vulnerabilities
Info	Help Center Live is a `Live` help desk system written in PHP using a MySql database backend that features Live Support, Trouble Tickets and FAQ within one project. This is a very popular application, especially with webhosts and other services. Unfortunately Help Center Live is vulnerable to Sql injection, Script Injection, and Cross Site Scripting attacks, but the most serious of the vulnerabilities mentioned (The SQL Injection attacks) require magic_quotes_gpc to be set to off.
Date	May 17, 2022
BID	Not Available
Credit	James Bercegay

Back 1 2 3 4 5 6 7 8 9 10 11 - Next	Results per-page: 5 \| 10 \| 20 \| 50
Results 31 - 40 of 109	Page 4 of 11

Terms of Use | Disclaimer | About GulfTech
Copyright 2005 GulfTech Research And Development, LLC. All Rights Reserved