[FD] pfsense 2.3.2: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:pfsense 2.3.2 Fixed in:2.3.3 Fixed Version Link: https://pfsense.org/download/ Vendor Website: https://www.pfsense.org/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor:

[FD] pfsense 2.3.2: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:pfsense 2.3.2 Fixed in:2.3.3 Fixed Version Link: https://pfsense.org/download/ Vendor Website: https://www.pfsense.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:

[FD] HumHub 0.20.1 / 1.0.0-beta.3: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: HumHub 0.20.1 / 1.0.0-beta.3 Fixed in: 1.0.0 Fixed Version https://www.humhub.org/en/download/default/form?version=1.0.0 Link: =zip Vendor Website: https://www.humhub.org/ Vulnerability Code

[FD] HumHub 1.0.1: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product: HumHub 1.0.1 and earlier Fixed in: 1.1.1 Fixed Version https://www.humhub.org/en/download/default/form?version=1.1.1 Link: =zip Vendor Website: https://www.humhub.org/ Vulnerability XSS

[FD] phplist 3.2.6: XSS

Security Advisory - Curesec Research Team 1. Introduction Affectedphplist 3.2.6 Product: Fixed in: 3.3.1 Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/ Link: phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability

[FD] phplist 3.2.6: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affectedphplist 3.2.6 Product: Fixed in: 3.3.1 Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/ Link: phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability

[FD] Elefant CMS 1.3.12-RC: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant_1_3_13_rc Vendor Website:https://www.elefantcms.com/ Vulnerability

[FD] Elefant CMS 1.3.12-RC: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant_1_3_13_rc Vendor Website:https://www.elefantcms.com/ Vulnerability

[FD] Elefant CMS 1.3.12-RC: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant_1_3_13_rc Vendor Website:https://www.elefantcms.com/ Vulnerability

[FD] Elefant CMS 1.3.12-RC: Multiple Persistent and Reflected XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Elefant CMS 1.3.12-RC Fixed in: 1.3.13 Fixed Version https://github.com/jbroadway/elefant/releases/tag/ Link: elefant_1_3_13_rc Vendor Website:https://www.elefantcms.com/ Vulnerability

[FD] Tap 'n' Sniff

Content Table 1. Introduction 2. Failsafe mode 3. Installing Openwrt 4. Configuring Openwrt 5. Testing 1. Introduction The goal of this guide is to provide a reliable and fast way for creating a lan tap for red team assessments of networks. While this was our main target this tap is also quite

[FD] The HS-110 Smart Plug aka Projekt Kasa

Content Table 1. Introduction 2. The Firmware 3. The Android Application 4. The Problems 5. Conclusion 6. Appendix 6.1. Excursion Dalvik 6.2 Control script 1. Introduction The HS-110 is a Smart Plug meaning it is capable of being controlled with commands via a network. TP-Link released a mobile

[FD] FUDforum 3.0.6: LFI

Security Advisory - Curesec Research Team 1. Introduction Affected Product:FUDforum 3.0.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: LFI Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to

[FD] Jaws 1.1.1: Object Injection, Open Redirect, Cookie Flags

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Jaws 1.1.1 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://jaws-project.com/ Vulnerability Type: Object Injection, Open Redirect, Cookie Flags Remote Exploitable: Yes Reported to

[FD] FUDforum 3.0.6: Multiple Persistent XSS & Login CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:FUDforum 3.0.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://fudforum.org/forum/ Vulnerability Type: XSS, Login CSRF Remote Exploitable: Yes Reported to vendor: 04/11/2016

[FD] Jaws 1.1.1: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Jaws 1.1.1 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://jaws-project.com/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 09/05/2016 Disclosed

[FD] Lepton 2.2.2: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type:

[FD] Lepton 2.2.2: CSRF, Open Redirect, Insecure Bruteforce Protection & Password Handling

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version http://www.lepton-cms.org/posts/ Link: important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability CSRF, Open

[FD] Lepton 2.2.2: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: LEPTON 2.2.2 stable Fixed in: 2.3.0 Fixed Version Link: http://www.lepton-cms.org/posts/ important-lepton-2.3.0-101.php Vendor Website: http://www.lepton-cms.org/ Vulnerability Type:

[FD] MoinMoin 1.9.8: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MoinMoin 1.9.8 Fixed in:1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported to

[FD] MyLittleForum 2.3.6.1: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/ Vulnerability

[FD] Mezzanine 4.2.0: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Mezzanine 4.2.0 Fixed in:4.2.1 Fixed Version Link: https://github.com/stephenmcd/mezzanine/releases/tag/4.2.1 Vendor Website: http://mezzanine.jupo.org/ Vulnerability Type: XSS Remote Exploitable:

[FD] SPIP 3.1: XSS & Host Header Injection

Security Advisory - Curesec Research Team 1. Introduction Affected SPIP 3.1 Product: Fixed in:3.1.2 / 3.0.23 Fixed Versionhttp://www.spip.net/en_download Link: Vendor Website: http://www.spip.net/ VulnerabilityReflected & Persistent XSS, Host Header Injection, httpOnly

[FD] MyLittleForum 2.3.6.1: XSS & RPO

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyLittleForum 2.3.6.1 Fixed in: 2.3.7beta Fixed Version Link: https://github.com/ilosuna/mylittleforum/releases/tag/ v2.3.7beta Vendor Website: http://mylittleforum.net/ Vulnerability

[FD] MyBB 1.8.6: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MyBB 1.8.6 Fixed in:1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to

[FD] Oxwall 1.8.0: XSS & Open Redirect

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Oxwall 1.8.0 (build 9900) Fixed in:1.8.2 Fixed Version Link: https://developers.oxwall.com/download Vendor Website: http://www.oxwall.org/ Vulnerability Type: XSS & Open Redirect Remote Exploitable:

[FD] MyBB 1.8.6: Improper validation of data passed to eval

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MyBB 1.8.6 Fixed in:1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: Improper validation of data passed to eval

[FD] MyBB 1.8.6: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MyBB 1.8.6 Fixed in:1.8.7 Fixed Version Link: http://resources.mybb.com/downloads/mybb_1807.zip Vendor Website: http://www.mybb.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes

[FD] MyBB 1.8.6: CSRF, Weak Hashing, Plaintext Passwords

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MyBB 1.8.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.mybb.com/ Vulnerability Type: CSRF, Weak Hashing, Plaintext Passwords Remote Exploitable: Yes Reported to vendor:

[FD] Kajona 4.7: XSS & Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Kajona 4.7 Fixed in:5.0 Fixed Version Link: https://www.kajona.de/en/Downloads/ downloads.get_kajona.html Vendor Website: https://www.kajona.de/ Vulnerability Type: XSS &

[FD] Peel Shopping 8.0.2: Object Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Peel Shopping 8.0.2 Fixed in:8.0.3 Fixed Version Link: www.peel-shopping.com Vendor Website: www.peel-shopping.com Vulnerability Type: Object Injection Remote Exploitable: Yes Reported to vendor:

[FD] PivotX 2.3.11: Reflected XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:PivotX 2.3.11 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Reflected XSS Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed to

[FD] PivotX 2.3.11: Directory Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:PivotX 2.3.11 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://pivotx.net/ Vulnerability Type: Directory Traversal Remote Exploitable: Yes Reported to vendor: 01/20/2016 Disclosed

[FD] Atutor 2.2: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Atutor 2.2 Fixed in:partly in ATutor 2.2.1-RC1, complete in 2.2.1 Fixed Version Link: http://www.atutor.ca/atutor/download.php Vendor Website: http://www.atutor.ca/ Vulnerability Type: XSS Remote

[FD] Opendocman 1.3.4: HTML Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Opendocman 1.3.4 Fixed in:1.3.5 Fixed Version Link: http://www.opendocman.com/free-download/ Vendor Website: http://www.opendocman.com/ Vulnerability Type: HTML Injection Remote Exploitable: Yes

[FD] Opendocman 1.3.4: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Opendocman 1.3.4 Fixed in:1.3.5 Fixed Version Link: http://www.opendocman.com/free-download/ Vendor Website: http://www.opendocman.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to

[FD] Grawlix 1.0.3: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Grawlix 1.0.3 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.getgrawlix.com/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 11/17/2015

[FD] Arastta 1.1.5: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Arastta 1.1.5 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public:

[FD] Grawlix 1.0.3: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Grawlix 1.0.3 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.getgrawlix.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/17/2015 Disclosed to

[FD] PhpSocial v2.0.0304: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:PhpSocial v2.0.0304_2026 Fixed in:not fixed Fixed Version Link: n/a Vendor Webite: http://phpsocial.net Vulnerability Type: XSS / Open Redirect Remote Exploitable: Yes Reported to vendor:

[FD] esoTalk 1.0.0g4: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:esoTalk 1.0.0g4 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: t...@esotalk.org Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 11/17/2015 Disclosed to public:

[FD] PhpSocial v2.0.0304: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:PhpSocial v2.0.0304_2026 Fixed in:not fixed Fixed Version Link: n/a Vendor Webite: http://phpsocial.net Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/21/2015

[FD] Arastta 1.1.5: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Arastta 1.1.5 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://arastta.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to

[FD] 4images 1.7.11: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:4images 1.7.11 Fixed in:1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: SQL Injection Remote Exploitable: Yes

[FD] 4images 1.7.11: Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:4images 1.7.11 Fixed in:1.7.12 Fixed Version Link: http://www.4homepages.de/download-4images Vendor Website: http://www.4homepages.de/ Vulnerability Type: Path Traversal Remote Exploitable: Yes

[FD] 4images 1.7.11: Code Execution Exploit

#!/usr/local/bin/python # Exploit for 4images 1.7.11 Code Execution vulnerability # An admin account is required to use this exploit # Curesec GmbH import sys import re import argparse import requests # requires requests lib parser = argparse.ArgumentParser() parser.add_argument("url",

[FD] CodoForum 3.4: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:CodoForum 3.4 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: ad...@codologic.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public:

[FD] phpwcms 1.7.9: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product: phpwcms 1.7.9 Fixed in: 1.8.0 RC1 Fixed Version https://github.com/slackero/phpwcms/archive/ Link: phpwcms-1.8.0-RC1.zip Vendor Website:http://www.phpwcms.de/ Vulnerability CSRF Type:

[FD] Geeklog 2.1.0: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Geeklog 2.1.0 Fixed in:2.1.1b3 Fixed Version Link: https://www.geeklog.net/filemgmt/visit.php/1156 Vendor Contact: geeklog-secur...@lists.geeklog.net Vulnerability Type: XSS Remote Exploitable: Yes

[FD] Geeklog 2.1.0: Code Execution Exploit

#!/usr/local/bin/python # Exploit for geeklog-2.1.0 OS Command Injection vulnerability # An admin account is required to use this exploit # Curesec GmbH import sys import re import argparse import requests # requires requests lib parser = argparse.ArgumentParser() parser.add_argument("url",

[FD] Geeklog 2.1.0: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Geeklog 2.1.0 Fixed in:2.1.1b3 Fixed Version Link: https://www.geeklog.net/filemgmt/visit.php/1156 Vendor Contact: geeklog-secur...@lists.geeklog.net Vulnerability Type: Code Execution Remote

[FD] redaxscript 2.5.0: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product: redaxscript 2.5.0 Fixed in: 2.6.1 Fixed Version Link: http://redaxscript.com/files/releases/ redaxscript_2.6.1_full.zip Vendor Contact: i...@redaxmedia.com Vulnerability Type: XSS

[FD] appRain 4.0.3: Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:appRain 4.0.3 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: i...@apprain.com Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to

[FD] appRain 4.0.3: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: Fixed via Optional Module CSRF Protection Module http://www.apprain.com/extension/20/accounting-system?s Link: =Description Vendor Website:

Re: [FD] LiteCart 1.3.2: Multiple XSS

it to sprintf. The issue in version 1.3.2 is that the query parameter is also echoed unencoded inside the title tag, which is why the POC contains . Best Curesec Research Team Am 11/18/2015 um 6:50 PM schrieb Henri Salo: > On Fri, Nov 13, 2015 at 05:07:01PM +0100, Curesec Research Team (CRT) wrote: &

[FD] XCart 5.2.6: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:XCart 5.2.6 Fixed in:5.2.7 Fixed Version Link: https://www.x-cart.com/xc5kit Vendor Contact: supp...@x-cart.com Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor:

[FD] Sitemagic CMS 4.1: XSS

Security Advisory - Curesec Research Team 1. Introduction AffectedSitemagic CMS 4.1 Product: Fixed in: 4.1.1 Fixed Version http://sitemagic.org/index.php?SMExt=SMDownloads; Link: SMDownloadsFile=SitemagicCMS411.zip Vendor Contact: d...@sitemagic.org Vulnerability XSS

[FD] ClipperCMS 1.3.0: Code Execution Exploit

#!/usr/local/bin/python # Exploit for ClipperCMS 1.3.0 Code Execution vulnerability # An account is required with rights to file upload (eg a user in the Admin, Publisher, or Editor role) # The server must parse htaccess files for this exploit to work. # Curesec GmbH c...@curesec.com import sys

[FD] ClipperCMS 1.3.0: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:ClipperCMS 1.3.0 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.clippercms.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to

[FD] XCart 5.2.6: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:XCart 5.2.6 Fixed in:5.2.7 Fixed Version Link: https://www.x-cart.com/xc5kit Vendor Contact: supp...@x-cart.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/13/2015

[FD] TomatoCart v1.1.8.6.1: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:TomatoCart v1.1.8.6.1 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: supp...@tomatocart.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/29/2015 Disclosed to

[FD] XCart 5.2.6: Code Execution Exploit

#!/usr/local/bin/python # Exploit for XCart 5.2.6 Code Execution vulnerability # An admin account is required to use this exploit # Curesec GmbH import sys import re import requests # requires requests lib if len(sys.argv) != 4: exit("usage: python " + sys.argv[0] + "

[FD] ClipperCMS 1.3.0: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:ClipperCMS 1.3.0 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.clippercms.com/ Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 10/02/2015

[FD] LiteCart 1.3.2: Multiple XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:LiteCart 1.3.2 Fixed in:1.3.3 Fixed Version Link: https://www.litecart.net/downloading?version=1.3.3.1 Vendor Contact: developm...@litecart.net Vulnerability Type: XSS Remote Exploitable: Yes

[FD] XCart 5.2.6: Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:XCart 5.2.6 Fixed in:5.2.7 Fixed Version Link: https://www.x-cart.com/xc5kit Vendor Contact: supp...@x-cart.com Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor:

[FD] TomatoCart v1.1.8.6.1: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:TomatoCart v1.1.8.6.1 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: supp...@tomatocart.com Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 09/29/2015

[FD] ClipperCMS 1.3.0: Path Traversal

Security Advisory - Curesec Research Team 1. Introduction Affected Product:ClipperCMS 1.3.0 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://www.clippercms.com/ Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor: 10/02/2015

[FD] AlegroCart 1.2.8: LFI/RFI

Security Advisory - Curesec Research Team 1. Introduction Affected Product:AlegroCart 1.2.8 Fixed in:Patch AC128_fix_22102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1047 Vendor Website: http://alegrocart.com/ Vulnerability Type: LFI/RFI Remote

[FD] AlegroCart 1.2.8: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:AlegroCart 1.2.8 Fixed in:Patch AC128_fix_17102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1040 Vendor Website: http://alegrocart.com/ Vulnerability Type: SQL Injection

[FD] CubeCart 6.0.7: Code Execution

Security Advisory - Curesec Research Team 1. Introduction Affected Product:CubeCart 6.0.7 Fixed in:6.0.8 Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip Vendor Contact: sa...@cubecart.com Vulnerability Type: Code Execution Remote Exploitable: Yes

[FD] Quick.Cart 6.6: Multiple XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Quick.Cart 6.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: i...@opensolution.org Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/07/2015 Disclosed to public:

[FD] MiniBB 3.1.1: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MiniBB 3.1.1 Fixed in:3.2 Fixed Version Link: http://www.minibb.com/download.php?file=minibb Vendor Contact: secur...@minibb.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor:

[FD] MyWebSQL 3.6: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:MyWebSQL 3.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: http://mywebsql.net/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to public:

[FD] OpenCart 2.0.3.1: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:OpenCart 2.0.3.1 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: https://www.opencart.com/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed to

[FD] TheHostingTool 1.2.6: Multiple SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product:TheHostingTool 1.2.6 Fixed in:not fixed Fixed Version Link: n/a Vendor Website: https://thehostingtool.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 09/07/2015

[FD] SQLiteManager 1.2.4: Multiple XSS

SQLiteManager 1.2.4: Multiple XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: SQLiteManager 1.2.4 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: sqlitemana...@gmail.com Vulnerability Type: XSS Remote

[FD] SQL Buddy 1.3.3: CSRF

Security Advisory - Curesec Research Team 1. Introduction Affected Product:SQL Buddy 1.3.3 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: n...@deliciousbrains.com Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to

[FD] SQL Buddy 1.3.3: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:SQL Buddy 1.3.3 Fixed in:not fixed Fixed Version Link: n/a Vendor Contact: n...@deliciousbrains.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to

[FD] Chyrp CMS 2.5.2: XSS

Security Advisory - Curesec Research Team 1. Introduction Affected Product:Chyrp CMS 2.5.2 Fixed in:not fixed Fixed Version Link: n/a Vendor Github: https://github.com/chyrp/chyrp Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed

[FD] ZeusCart 4.0 - XSS - not fixed

ZeusCart 4.0: XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: supp...@zeuscart.com Vulnerability Type: XSS Remote Exploitable: Yes

[FD] Zen Cart 1.5.4 - Code Execution and Information Leak

Zen Cart 1.5.4: Code Execution and Information Leak Security Advisory – Curesec Research Team 1. Introduction Affected Product: Zen Cart 1.5.4 Fixed in: partial fix via patch Partial Patch Link:

[FD] ZeusCart 4.0: Code Execution - not fixed

ZeusCart 4.0: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: supp...@zeuscart.com Vulnerability Type: Code Execution Remote

[FD] ZeusCart 4.0: SQL Injection - not fixed

ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: supp...@zeuscart.com Vulnerability Type: SQL Injection Remote

[FD] Anchor CMS 0.9.2 - XSS

Anchor CMS 0.9.2: XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: Anchor CMS 0.9.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: Website: http://anchorcms.com/ Vulnerability Type: XSS and Open

[FD] ZeusCart 4.0: CSRF - not fixed

ZeusCart 4.0: CSRF Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: supp...@zeuscart.com Vulnerability Type: CSRF Remote Exploitable: Yes

[FD] NibbleBlog 4.0.3 - CSRF - Not fixed

NibbleBlog 4.0.3: CSRF Security Advisory – Curesec Research Team 1. Introduction Affected Product: NibbleBlog 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: Website: http://www.nibbleblog.com/ Vulnerability Type: CSRF

[FD] NibbleBlog 4.0.3 - Code Execution - Not fixed

NibbleBlog 4.0.3: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: NibbleBlog 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: Website: http://www.nibbleblog.com/ Vulnerability Type:

[FD] Serendipity 2.0.1 - Persistent XSS

Serendipity 2.0.1: Persistent XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: Serendipity 2.0.1 Fixed in: 2.0.2 Fixed Version Link: https://github.com/s9y/Serendipity/releases/download/2.0.2/serendipity-2.0.2.zip Vendor Contact:

[FD] Bolt 2.2.4 - Code Execution

Bolt 2.2.4: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: Bolt 2.2.4 Fixed in: 2.2.5 Fixed Version Link: http://bolt.cm/distribution/archive/bolt-2.2.5.zip Vendor Contact: Website: https://bolt.cm

[FD] Phorum 5.2.19 - Reflected XSS and Open Redirect

Phorum 5.2.19: Reflected XSS (IIS only) and Open Redirect Security Advisory – Curesec Research Team 1. Introduction Affected Product: Phorum 5.2.19 Fixed in: 5.2.20 Fixed Version Link: http://www.phorum.org/downloads/phorum_5_2_20.zip Vendor Contact:

[FD] ModX Revolution 2.3.5 - Reflected XSS

ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability Security Advisory – Curesec Research Team 1. Introduction Affected Product: ModX Revolution 2.3.5-pl Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: he...@modx.com