|
|
Search
|
|
You can use the form below to search our site. Just enter the
keywords to search.
|
|
 |
| Title |
JpegX Password Bypass Vulnerability
|
| Info |
Jpegx is a modern day application of steganography. It will
encrypt and hide messages in jpeg files to provide ample medium
for sending secure information. The images remain visually
unchanged but the code inside is altered to hide your message.
Anyone with the Jpegx program could read your message as long
as they know the password that you encrypted it with. There lies
a vulnerability that allows the password feature to be pretty
much useless, as it will accept any password. Users should upgrade
immediately. |
| Date |
April 20, 2022 |
| BID |
7298
|
| Credit |
James Bercegay |
| Title |
Multiple Vulnerabilities In PHP Links
|
| Info |
phpLinks is an open source free PHP script. phpLinks
allows you to run a very powerful link farm or search
engine. phpLinks has multilevel site categorization,
infinite threaded search capabilities and more. phpLinks
is prone to HTML injection due to a vulnerability in
the search feature. Search queries are not sufficiently
sanitized of HTML and script code. These search queries
may potentially be displayed to other users when the
most popular searches are viewed. If an attacker
includes malicious HTML or script code in these queries,
it is possible that the attacker-supplied code may be
rendered in the web client software of other users. This
is just one of several code injection issues in phpLinks. |
| Date |
January 17, 2022 |
| BID |
6632
6633
|
| Credit |
James Bercegay |
| Title |
Vulnerabilities In PHP Topsites
|
| Info |
PHP TopSites is a PHP/MySQL-based customizable TopList script.
Main features include: Easy configuration config file; MySQL
database backend; unlimited categories, Site rating on incoming
votes; Special Rating from Webmaster; anti-cheating gateway;
Random link; Lost password function; Webmaster Site-approval;
Edit site; ProcessingTime display; Cookies Anti-Cheating; Site
Reviews; Linux Cron Free; Frame Protection and much more. We
have discovered this application has several vulnerabilities.
These vulnerabilities include, but are not limited to: Cross
Site Scripting vulnerabilities, SQL Injection, Script Injection,
and Plaintext password weakness. Users are advised to upgrade
immediately. The most recent version of iTop PHP Topsites can
be found at thier official website. |
| Date |
January 13, 2022 |
| BID |
6621
6622
6623
6625
|
| Credit |
James Bercegay |
|
|
|
|
|
