Search | WebPortal | Contact Us
Recent News
Languages


Search
You can use the form below to search our site. Just enter the keywords to search.










Results 6 - 10 of 58 Page 2 of 12
back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50

Title Critical Vulnerability In Help Center Live
Info Help Center Live is a `Live` help desk system written in PHP using a MySql database backend that features Live Support, Trouble Tickets and FAQ within one project. This is a very popular application, especially with webhosts and other services. There lies two file include vulnerabilities (both remote and local) that could allow an attacker to execute malicious server side code on your webserver. Aditionally a cross site scripting issue was found in Help Center Live.
Date December 24th, 2004
BID Not Available  
Credit James Bercegay


Title Cross Site Scripting In Psychostats
Info PsychoStats is a statistics generator for games. Currently there is support for a handful of Half-Life "MODs" including Counter-Strike, Day of Defeat, and Natural Selection. PsychoStats gathers statistics from the log files that game servers create by reading through the logs and then calculating detailed statistics for players, maps, weapons and clans. These detailed statistics are stored in a MySQL database which are then viewed online from your website using a set of PHP web pages. Cross site scripting exists in Jason Morriss PsychoStats. This vulnerability exists due to user supplied input not being checked properly. This vulnerability could be used to steal cookie based authentication credentials within the scope of the current domain, or render hostile code in a victim's browser.
Date December 22nd, 2004
BID Not Available  
Credit James Bercegay


Title Multiple Kayako eSupport Vulnerabilities
Info Kayako eSupport is one of the most feature packed support systems. This program is used by many online businesses and webhosts to help with technical support and other various support issues. This application is vulnerable to both Cross Site Scripting and SQL Injection vulnerabilities. The SQL Injection vulnerabilities are fairly serious and may allow for an attacker to influence SQL queries. Full details inside.
Date December 18th, 2004
BID 12037  
Credit James Bercegay


Title Multiple phpGroupWare Vulnerabilities
Info phpGroupWare (formerly known as webdistro) is a multi-user groupware suite written in PHP. It provides a Web-based calendar, todo-list, addressbook, email, news headlines, and a file manager. The calendar supports repeating events. The email system supports inline graphics and file attachments. The system as a whole supports user preferences, themes, user permissions, multi-language support, an advanced API, and user groups. There have been a number of vulnerabilities found in phpGroupWare, including Cross Site Scripting, SQL Injection, and Full Path Disclosure. This application comes with some linux distributions, so check to see if you have it installed. The SQL Injection can be fairly critical.
Date December 14th, 2004
BID 11952  
Credit James Bercegay


Title Multiple Vulnerabilities In SugarCRM
Info Sugar Sales Professional is the solution for companies who use Sugar Sales in a production environment for mission-critical sales knowledge management. Sugar Sales Professional is a visible source CRM application that offers more features than the open source application. It also includes support by SugarCRM staff. Sugar Sales Professional expands the open source application benefits so that your company experiences better performance, integration and support. Multiple vulnerabilities (some high risk) have been discovered in SugarCRM. A recet version was released recently, and was believed to include security fixes, but several of the vulnerabilities still exist in the recently released version 2.0
Date December 1, 2021
BID 11740  
Credit James Bercegay

back 1 2 3 4 5 6 7 8 9 10 11 12 - Next Results per-page: 5 | 10 | 20 | 50
Results 6 - 10 of 58 Page 2 of 12




Copyright 2004 GulfTech Research And Development, All Rights Reserved