A path disclosure issue exists in Webbler CMS version 3.1.3.
0267ae1558c984731c4b64348994f7232c96b5bffeaa5da4309b9287b10bbb1cA cross site scripting vulnerability exists in index.php of Webbler CMS version 3.1.3.
87051462fc945e497754082567172ef3988047c8fc4db3d220a1645c04d9f3f7A cross site scripting vulnerability exists in the Webbler CMS admin login page. Version 3.1.3 is affected.
7824d7393e81afe25b6d0835c76b1b0b8674f8e154465fd4bf2a3246a6c05171By understanding how ASP .NET malicious request filtering functions, ProCheckUp has found that it is possible to bypass ASP .NET request filtering and perform cross site scripting and HTML injection attacks.
4b78fe2bdca6f7c490f51b3622de9ef13cf64b7899eaa6f8f39a70a7ab3ae074IP Phones based on the Centrality Communications/Aredfox PA168 chipset suffer from a weak session management vulnerability. Exploit included.
1821bfb5f8cd756cd89b28517356ba2347b103a4fe336db4aabb7a4ab85a7751The FileZilla client versions 2.2.15 and below suffer from a local credential compromise vulnerability due to improper storage.
b25fd57dbac01135b458f4ef6c6bb6f19a6c44cfc31b81c5109a0ffe085b399eThe FileZilla client stores passwords using a weak XOR 'encryption'. The value of the cipher key is static and can be found in the source code. This vulnerability has been successfully tested on versions 2.2.14b and 2.2.15. However, it is suspected that most previous versions are also affected.
637a74e948d0d2743a1666cf0c8f157510b94187658ebc3cb5fd4b191d073685
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed