[Full-disclosure] Croogo CMS 1.2 Contact Module Cross Site Scripting Vulnerabilities

2010-03-08 Thread Paulino Calderon
Croogo CMS 1.2 Cross Site Scripting Vulnerabilities
Vulnerable Software: 1.2 and prior
Release Date: 2010-03-06
Last Update: 2010-02-01
Critical: Low
Impact: Session hijack, Denial of service, Code execution
Solution Status:

[Full-disclosure] Croogo CMS 1.2.1 Contact Module Cross Site Scripting Vulnerabilities

2010-03-06 Thread Paulino Calderon
Croogo CMS 1.2 Cross Site Scripting Vulnerabilities
Vulnerable Software: 1.2 and prior
Release Date: 2010-03-06
Last Update: 2010-02-01
Critical: Low
Impact: Session hijack, Denial of service, Code execution
Solution Status:

[Full-disclosure] SmartSiteCMS v1.0 authentication bypass

2006-08-08 Thread Paulino Calderon
SmartSiteCMS v1.0 authentication bypass
STATUS: I contacted the vendor more than 2 months ago and still no response.
TECHNICAL INFO
One of the worst CMS I've ever seen regarding security, no input sanitation at all. Bypassing authe