Hi Salvatore Fresta!
Thanks for the report.
It is a real problem.
I am working on it.
Help me please!
My conception: before executing a query, filter spaces from parameters... is it a
good idea?
Tibor Fogler
Vulnerability ID: HTB22533
Reference: http://www.htbridge.ch/advisory/xsrf_csrf_in_mystic.html
Product: Mystic
Vendor: Hulihan Applications ( http://hulihanapplications.com/projects/mystic )
Vulnerable Version: 0.1.4 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability
Cisco Security Advisory: Cisco IOS Software TCP Denial of Service
Vulnerability
Advisory ID: cisco-sa-20100812-tcp
http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml
Revision 1.0
For Public Release 2010 August 12 2130 UTC (GMT)
Vulnerability ID: HTB22534
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_mystic.html
Product: Mystic
Vendor: Hulihan Applications ( http://hulihanapplications.com/projects/mystic )
Vulnerable Version: 0.1.4 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability ID: HTB22535
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_mystic_1.html
Product: Mystic
Vendor: Hulihan Applications ( http://hulihanapplications.com/projects/mystic )
Vulnerable Version: 0.1.4 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability ID: HTB22537
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_onyx_1.html
Product: Onyx
Vendor: Hulihan Applications ( http://hulihanapplications.com/projects/onyx )
Vulnerable Version: 0.3.2 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability
Vulnerability ID: HTB22540
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_syntaxcms.html
Product: SyntaxCMS
Vendor: Forum One Communications ( http://www.syntaxcms.org/ )
Vulnerable Version: 1.3 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability ID: HTB22542
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_edit_x_cms.html
Product: Edit-X CMS
Vendor: Edit-X, Inc. ( http://www.edit-x.com/ )
Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability
Vulnerability ID: HTB22541
Reference:
http://www.htbridge.ch/advisory/directory_traversal_in_softx_ftp_client.html
Product: SoftX FTP Client
Vendor: SoftX.Org ( http://www.softx.org/ftp.html )
Vulnerable Version: 3.3 for windows and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability ID: HTB22544
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_i_web_suite.html
Product: i-Web Suite
Vendor: immediaC world wide Inc ( http://www.immediac.com/ )
Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions
Vendor Notification: 27 July 2010
Vulnerability ID: HTB22543
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_i_web_suite.html
Product: i-Web Suite
Vendor: immediaC world wide Inc ( http://www.immediac.com/ )
Vulnerable Version: Current at 27.07.2010 and Probably Prior Versions
Vendor Notification: 27
Vulnerability ID: HTB22547
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_cms_source_1.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28
Vulnerability ID: HTB22548
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_cms_source.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability ID: HTB22554
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eazycms_1.html
Product: eazyCMS
Vendor: eazycms.com ( http://eazycms.com/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability Type: XSS
Vulnerability ID: HTB22556
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eazycms_3.html
Product: eazyCMS
Vendor: eazycms.com ( http://eazycms.com/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability Type: XSS
[MajorSecurity SA-080]WordPress 3.0.1 - Cross Site Scripting Issue
Details
=
Product: WordPress 3.0.1
Security-Risk: low
Remote-Exploit: yes
Vendor-URL: http://www.wordpress.org/
Advisory-Status: published
Credits
=
Discovered by: David Vieira-Kurz of
==
Secunia Research 13/08/2010
- SWFTools Two Integer Overflow Vulnerabilities -
==
Table of Contents
Affected
On 8/11/2010 12:12 PM, ZDI Disclosures wrote:
The specific flaw exists within the ebus-3-3-2-6.dll module responsible for
parsing GIOP requests for multiple processes.
Does this affect only version 3.3.2.6?
-- Vendor Response:
SAP has issued an update to correct this vulnerability. More
Vulnerability ID: HTB22557
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eazycms_4.html
Product: eazyCMS
Vendor: eazycms.com ( http://eazycms.com/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability Type: XSS
Vulnerability ID: HTB22552
Reference:
http://www.htbridge.ch/advisory/local_file_inclusion_in_cms_source_1.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July
Vulnerability ID: HTB22550
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_cms_source_2.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28
Vulnerability ID: HTB22549
Reference:
http://www.htbridge.ch/advisory/xss_vulnerability_in_cms_source_1.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability ID: HTB22545
Reference:
http://www.htbridge.ch/advisory/local_file_inclusion_in_cms_source.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability ID: HTB22546
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_cms_source.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28
Vulnerability ID: HTB22551
Reference:
http://www.htbridge.ch/advisory/xss_vulnerability_in_cms_source_2.html
Product: CMS Source
Vendor: Proud Daddy Web Design ( http://www.prouddaddy.net/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability ID: HTB22553
Reference: http://www.htbridge.ch/advisory/xss_vulnerability_in_eazycms.html
Product: eazyCMS
Vendor: eazycms.com ( http://eazycms.com/ )
Vulnerable Version: Current at 28.07.2010 and Probably Prior Versions
Vendor Notification: 28 July 2010
Vulnerability Type: XSS