Security Advisories | Entries from Tuesday, October 18. 2011

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

SSCHADV2011-024 - SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities

Posted by Stefan Schurtz on Tuesday, October 18. 2011

Advisory:	SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities
Advisory ID:	SSCHADV2011-024
Author:	Stefan Schurtz
Affected Software:	Successfully tested on SilverStripe 2.4.5
Vendor URL:	http://www.silverstripe.com/
Vendor Status:	fixed
CVE-ID:	-

======================

Vulnerability Description:

======================

SilverStripe 2.4.5 backend is prone to multiple Cross-site scripting vulnerabilities

Continue reading "SSCHADV2011-024 - SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities"

SSCHADV2011-030 - Site@School SQL Injection & XSS vulnerabilities

Posted by Stefan Schurtz on Tuesday, October 18. 2011

Advisory:	Site@School 2.4.10 SQL Injection & XSS vulnerabilities
Advisory ID:	SSCHADV2011-030
Author:	Stefan Schurtz
Affected Software:	Successfully tested on Site@School 2.4.10
Vendor URL:	http://sourceforge.net/projects/siteatschool/
Vendor Status:	insecure and no longer maintained
CVE-ID:	-

======================
Vulnerability Description:
======================

Site@School is prone to multiple SQL Injection and XSS vulernabilities

Continue reading "SSCHADV2011-030 - Site@School SQL Injection & XSS vulnerabilities"

SSCHADV2011-029 - PHP Booking Calendar Multiple Cross-Site Scripting Vulnerabilities

Posted by Stefan Schurtz on Tuesday, October 18. 2011

Advisory:	PHP Booking Calendar Multiple Cross-Site Scripting Vulnerabilities
Advisory ID:	SSCHADV2011-029
Author:	Stefan Schurtz
Affected Software:	Successfully tested on PHP Booking Calendar 10e
Vendor URL:	https://sourceforge.net/projects/bookingcalendar/
Vendor Status:	informed
CVE-ID:	-

======================
Vulnerability Description:
======================

PHP Booking Calendar is prone to multiple Cross-Site scripting vulernabilities

Continue reading "SSCHADV2011-029 - PHP Booking Calendar Multiple Cross-Site Scripting Vulnerabilities"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Flowise 1.6.5 - Authentication Bypass

Sunday, April 21. 2024

[webapps] Laravel Framework 11 - Credential Leakage

Sunday, April 21. 2024

[webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Sunday, April 21. 2024

[webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution

Sunday, April 21. 2024

[webapps] FlatPress v1.3 - Remote Command Execution

Sunday, April 21. 2024

OpenBSD Journal

Game of Trees 0.98 released

Wednesday, April 24. 2024

pfctl(8) and systat(8) to display fragment reassembly statistics

Tuesday, April 23. 2024

Coming soon to a -current system near you: parallel raw IP input

Thursday, April 18. 2024

In -current, default write format for tar(1) changed to "pax"

Wednesday, April 17. 2024

OpenSMTPD 7.5.0p0 Released

Wednesday, April 10. 2024

20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09)

Tuesday, April 9. 2024

OpenBSD 7.5 released

Friday, April 5. 2024

LibreSSL 3.8.4 and 3.9.1 released

Thursday, March 28. 2024

OpenSSH 9.7/9.7p1 released!

Tuesday, March 12. 2024

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170