Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.
f598b9ed8a7b6ff22759af3b10826567272decde5f2a0302648d6e96d89ddceeA-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.
8f3fb7e46432c3d39ecb946dbebf7c30a6f165544414b8ef971ac87628e8bb6bNews Manager Lite 2.5 and News Manager Lite administration suffer from cross site scripting, SQL injection, and cookie hijacking vulnerabilities.
c6b957877bb54eb34a118dda9d6a1ea76f8fd56c3ed84f5494f8e2553fe802e9Input validation holes in Member Management System version 2.1 allow for SQL injection and cross site scripting attacks.
8843ba631656a0d022b943d1f9ed88a01141aac6cffc9a70563c08e061916c03ASP Portal suffers from multiple vulnerabilities that can lead to disclosure of authentication information, disclosure of user information, execution of arbitrary code remotely, modification of user information, and identity spoofing. Cookie hijacking exploit enclosed.
e8e1d8a121e11e0a9246f324ce6326b2f6d53ab92eace97fe8e0cd1214ba9a81MaxWebPortal is vulnerable to a cross site scripting and SQL injection attack.
65e80d42d444a31c5162f9b48e912083c9be6b065c1960615740e01a0c6baed8PHPX versions 3.2.3 and below suffer from cross site scripting, code injection, and cookie hijacking flaws.
012bff09952423da1c0012ce2260fa85de15c3b02c47a32a2fa2aeb3679d0058
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed