Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.
f598b9ed8a7b6ff22759af3b10826567272decde5f2a0302648d6e96d89ddcee
A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.
8f3fb7e46432c3d39ecb946dbebf7c30a6f165544414b8ef971ac87628e8bb6b
News Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
c6b957877bb54eb34a118dda9d6a1ea76f8fd56c3ed84f5494f8e2553fe802e9
Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
8843ba631656a0d022b943d1f9ed88a01141aac6cffc9a70563c08e061916c03
ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
e8e1d8a121e11e0a9246f324ce6326b2f6d53ab92eace97fe8e0cd1214ba9a81
MaxWebPortal is vulnerable to a cross site scripting and SQL injection attack.
65e80d42d444a31c5162f9b48e912083c9be6b065c1960615740e01a0c6baed8
PHPX versions 3.2.3 and below suffer from cross site scripting, code injection, and cookie hijacking flaws.
012bff09952423da1c0012ce2260fa85de15c3b02c47a32a2fa2aeb3679d0058