darksecurity.de | Entries from Wednesday, October 19. 2011

Warning: opendir(/var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/sh/3.0.83.2/scripts/): failed to open dir: No such file or directory in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 26

Warning: Invalid argument supplied for foreach() in /var/www/html/web1/serendipity/plugins/serendipity_event_dpsyntaxhighlighter/serendipity_event_dpsyntaxhighlighter.php on line 170
Skip to content

SSCHADV2011-032 - Piwik 1.6 Full Path Disclosure

Posted by Stefan Schurtz on Wednesday, October 19. 2011

Advisory:	Piwik 1.6 Full Path Disclosure
Advisory ID:	SSCHADV2011-032
Author:	Stefan Schurtz
Affected Software:	Successfully tested on Piwik 1.6
Vendor URL:	http://piwik.org/
Vendor Status:	informed but no fix available
CVE-ID:	-

======================

Vulnerability Description:

======================

Piwik 1.6 is prone to a Full Path Disclosure vulnerability

Continue reading "SSCHADV2011-032 - Piwik 1.6 Full Path Disclosure"

SSCHADV2011-031 - Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities

Posted by Stefan Schurtz on Wednesday, October 19. 2011

Advisory:	Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities
Advisory ID:	SSCHADV2011-031
Author:	Stefan Schurtz
Affected Software:	Successfully tested on Yet Another CMS 1.0
Vendor URL:	http://yetanothercms.codeplex.com/
Vendor Status:	informed
EDB-ID:	17997