Search | WebPortal | Contact Us
Recent News
Languages


Search
You can use the form below to search our site. Just enter the keywords to search.










Results 36 - 40 of 58 Page 8 of 12
back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50

Title Multiple Vulnerabilities In phpGedView
Info The phpGedView project parses GEDCOM 5.5 genealogy files and displays them on the Internet in a format similar to PAF. It is one of the top 10 most popular projects at SourceForge. However, in addition to the vulnerabilities found by Vietnamese Security Group last week in phpGedView, GulfTech Security Research has also found a number of vulnerabilities which are now fixed in the latest beta release. These issues include SQL injection vulnerabilities, path disclosure vulnerabilities, cross site scriting vulnerabilities, and a denial of service vulnerability. Users are strongly encouraged to upgrade.
Date January 13, 2022
BID Not Available  
Credit James Bercegay


Title Multiple MetaDot Vulnerabilities Found
Info MetaDot is a very popular Open Source portal application written in Perl and powered by MySql. It's users range from home users to the likes of governments, banks, universities and even NASA ;) It has been found to be prone to SQL Injection, and XSS attacks due to not properl validating the user supplied input that it receives. It also divulges a great deal of information about it's host when calling certain invalid arguments. These vulnerabilities are believed to affect all versions including 5.6.5.4b5 and below. The MetaDot Corporation team has addresses the issues in the latest version though, and users are strongly encouraged to upgrade as soon as possible.
Date January 12, 2022
BID 9439  
Credit James Bercegay


Title Vulnerabilities In PostNuke 0.726 Phoenix
Info PostNuke is a popular Open Source CMS (Content Management System) used by millions of people all across the world. GulfTech Security Research has recendly found a couple of vulnerabilities in the popular open source CMS (Content Managment System) PostNuke. Versions affected are 0.726 Phoenix and though not confirmed older versions may be affected as well. These vulnerabilities have been resolved by the developers very promptly and a patch is available at the official PostNuke website. The vulnerabilities discovered are SQL Injection and Cross Site Scripting. More details of the vulnerabilities available .
Date January 03, 2022
BID 7047  
Credit James Bercegay


Title Multiple osCommerce Vulnerabilities
Info GulfTech Security Research has found yet more vulnerabilities in the popular ecommerce product osCommerce. These vulnerabilities include SQL Injection, Denial Of Service, and Cross Site Scripting. While there has been several vulnerabilities found in this product by us lately, I would like to point out that these finds only make for a more secure product. I do think that the next release of osCommerce (MS3) will be one of the most secure ecommerce products around. The osCommerce development team have been prompt in resolving these issues. Anyway, check out the full detailed report inside and the osCommerce website for a fix :o)
Date December 22, 2021
BID 9275   9277  
Credit James Bercegay


Title Multiple vulnerabilities in ASPapp Products
Info ASPapp offers a wide range of web applications written in .asp Amongst them is the fairly popular AspApp Portal. Several of these products have very weak security and can allow an attacker to completely take over an affected portal or site running the vulnerable software. The vulnerabilities include Script Injection, Account Hijacking, Privilege Escalation, Cross Site Scripting, and Plaintext Authentication Credentials.
Date December 18, 2021
BID 9250  
Credit James Bercegay

back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50
Results 36 - 40 of 58 Page 8 of 12




Copyright 2004 GulfTech Research And Development, All Rights Reserved