Tag Archives: 0-day

NetCat CMS 3.12 HTML Injection Security Vulnerabilities

Originally posted on computer pitch:
? NetCat CMS 3.12 HTML Injection Security Vulnerabilities ? Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3…

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities

Originally posted on computer pitch:
? Webs ID Reflected XSS (Cross-site Scripting) Security Vulnerabilities ? Exploit Title: Webs ID /login.jsp &error Parameter Reflected XSS (Cross-site Scripting) Security Vendor: Webs, Inc Product: Webs ID Vulnerable Versions: Tested Version: Advisory Publication: April…

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

Comsenz SupeSite CMS Stored XSS (Cross-site Scripting) Security Vulnerabilities

Originally posted on computer pitch:
? Comsenz SupeSite CMS 7.0 Stored XSS (Cross-site Scripting) Security Vulnerabilities ? Exploit Title: Comsenz SupeSite CMS 7.0 Stored XSS Security Vulnerabilities Product: Supesite CMS (Content Management System) Vendor: ComSenz Vulnerable Versions: 6.0.1UC 7.0 Tested…

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2014-8490 TennisConnect COMPONENTS System XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: TennisConnect “TennisConnect COMPONENTS System” /index.cfm pid Parameter XSS Product: TennisConnect COMPONENTS System Vendor: TennisConnect Vulnerable Versions: 9.927 Tested Version: 9.927 Advisory Publication: Nov 18, 2014 Latest Update: Nov 18, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-8490 … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2014-8752 JCE-Tech “Video Niche Script” XSS (Cross-Site Scripting) Security Vulnerability

Exploit Title: JCE-Tech “Video Niche Script” /view.php Multiple Parameters XSS Product: “Video Niche Script” Vendor: JCE-Tech Vulnerable Versions: 4.0 Tested Version: 4.0 Advisory Publication: Nov 18, 2014 Latest Update: Nov 18, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-8752 CVSS … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Security Vulnerability Exploit Title: Atlas Systems Aeon XSS Vulnerability Product: Aeon Vendor: Atlas Systems Vulnerable Versions: 3.6 3.5 Tested Version: 3.6 Advisory Publication: Nov 12, 2014 Latest Update: Nov 12, 2014 Vulnerability Type: … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

Vigilantes testing security of IT systems

Vigilantes testing security of IT systems A growing group of individuals are taking it upon themselves to test the security of information systems in organisations and report security flaws. SINGAPORE: Call them cybersecurity vigilantes if you will, or “white hats” — … Continue reading

Posted in Computer & Web Technology | Tagged , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment