|
|
Search
|
|
You can use the form below to search our site. Just enter the
keywords to search.
|
|
 |
| Title |
Invision Gallery SQL Injection Vulnerabilities
|
| Info |
Invision Gallery is a fully featured, powerful gallery system that
is easy and fun to use! It plugs right into your existing Invision
Power Board to create a seamless browsing experience for the users
of your forum. Unfortunately Invision Gallery comes up very short
in regards to user supplied input validation. Because of this an
attacker can influence queries, and even use these issues to launch
an attack against the IPB instalattion on which the gallery resides. |
| Date |
March 22, 2022 |
| BID |
9944
|
| Credit |
James Bercegay |
| Title |
Invision Power Top Site List SQL Injection Vulnerability
|
| Info |
Invision Power Top Site List is a flexible site ranking script written in PHP, the popular programming choice for web developers. Featuring an impressive feature set with a user-friendly interface your community will feel at home using the system. It is vulnerable to attack though through a fairly serious SQL Injection issue which may allow an attacker to query arbitrary information such as hashed admin credentials and more. |
| Date |
March 21, 2022 |
| BID |
9945
|
| Credit |
James Bercegay |
| Title |
phpBB 2.0.7a And Earlier Security Issues
|
| Info |
phpBB 2.0.7 and earlier have a number of security issues. One of
these issues is SQL Injection and Cross Site Scripting in the admin
panel. This is an issue that would take either admin access or a bit
of social engineering for an attacker to use. But there is a far more
serious problem in phpBB and that problem is lack of session
authentication in certain parts of phpBB. This could allow for a
malicious user to have an admin unknowingly execute undo-able actions
in both the admin panel and the forum itself. This issue also affects
users. Read this for more details. |
| Date |
March 20, 2022 |
| BID |
9942
|
| Credit |
James Bercegay |
| Title |
Mambo Open Source Multiple Vulnerabilities
|
| Info |
Mambo Open Source is the finest open source Web Content Management
System available today. Mambo Open Source makes communicating via
the Web easy. Have you always wanted to have your own site but never
understood how? Well Mambo Open Source is just the ticket! With Mambo
Open Source there is no need for HTML, XML or DHTML skills, just enter
your content, add a picture and then through the easy to use
administrator web-interface ...click Publish! Simple ... Quick ... And
easy! With the in-built editor Mambo Open Source allows you to design
and create your content without the need for HTML code. Maintaining a
website has never been easier. Mambo Open Source is vulnerable to
several attacks including cross site scripting as well as SQL Injection
vulnerabilities.
|
| Date |
March 16, 2022 |
| BID |
9890
9891
|
| Credit |
James Bercegay |
| Title |
Multiple JelSoft vBulletin XSS Vulnerabilities
|
| Info |
JelSoft vBulletin is a powerful, scalable and fully customisable
forums package for your web site. Based on the PHP language, and
backed with a MySQL back-end database. It is one of the most
popular forum systems in the world. It is also prone to several
XSS (Cross Site Scripting) issues which may allow an attacker to
disclose sensetive user information, and run code in the context
of a victims web browser. Check the JelSoft website for any updates
regarding this issue. |
| Date |
March 15, 2022 |
| BID |
9887
9888
9889
9940
9943
|
| Credit |
James Bercegay |
|
|
|
|
|
