Original advisory at:
http://www.davidsopas.com/2009/07/25/ixxo-cart-standalone-and-joomla-component-sql-injection/
Ref. [DSF-03-2009] – IXXO Cart! Standalone and Joomla Component SQL Injection
Vendor: IXXO Internet Solutions
Status: Patched by vendor
IXXO Cart!
IXXO Cart is an extremely
Ref. [DSF-02-2009] - Zoki Catalog SQL Injection
Vendor: Zoki Soft (www.zokisoft.com)
Status: Patched by vendor
Original advisory:
http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/
Zoki Catalog
Smart Catalog is unique and convenient software. It is designed for
many purposes
Original advisory: http://www.davidsopas.com/2009/05/25/arcade-trade-script-xss/
Arcade Trade Script is a full arcade site CMS (Content Management
System) with easy customization and advanced traffic trading system
built in. With ATS you will hardly ever have to FTP anything. Almost
all files,
Original article:
http://www.davidsopas.com/2008/09/sql-injection-in-easyrealtorpro/
EasyRealtorPRO 2008 provides you with all features you need to setup
your own business oriented real estate website on your own domain
name. Our support team will install the script on your server and then
you
Original article:
http://www.davidsopas.com/2008/09/phpadult-cms-exploit/
phpAdultSite CMS is a PHP-based content management system for a adult
pay site that fully supports MySQL. The code, layout, graphics of
phpAdultSite are consistent through every single page of your site.
It costs between
Original advisory: http://www.davidsopas.com/soapbox/samtodo.txt
XSS
in SamTodo v1.1
http://samjlevy.com/samtodo
by David Sopas Ferreira
smok3f00 at gmail.com
www.davidsopas.com
Found and reported at : 22-05-2008PT
Full disclosure at : 05-06-2008PT
original advisory at http://www.davidsopas.com/soapbox/omerta_xss.txt
XSS flaws in Omerta script (www.barafranca.com)
version tested: 2.7c and 2.8(newer version)
by David Sopas Ferreira
smok3f00 at gmail.com
www.davidsopas.com
Found and reported at : 5-05-2008PT
Full disclosure at: