
SSCHADV2011-037 - Achievo 1.4.5 Multiple XSS vulnerabilities

Advisory:
Achievo 1.4.5 Multiple XSS vulnerabilities
Advisory ID:
SSCHADV2011-037
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Achievo 1.4.5
Vendor URL:
Vendor Status:
informed
CVE-ID:
-
 
======================
Vulnerability Description:
======================
 
Achievo 1.4.5 is prone to multiple cross-site scripting vulnerabilities
 

Check Point Endpoint Security Client - Disconnect after 20 seconds

After connecting the new Endpoint Security Client E75.20 or E75.10 to an R75.10 Security Gateway, the client disconnects after 20 seconds if no traffic is generated.
 

INFOSERVE-ADV2011-01 - Tiki Wiki CMS Groupware Multiple XSS vulnerabilities

Advisory:
Tiki Wiki CMS Groupware Multiple XSS vulnerabilities
Advisory ID:
INFOSERVE-ADV2011-01
Author:
Stefan Schurtz
Contact:
Affected Software:
Successfully tested on Tiki 7.2 & 8.0 RC1
Vendor URL:
Vendor Status:
fixed for Tiki 7 (New Tiki 6 LTS release in progress)
CVE-ID:
CVE-2011-4454, CVE-2011-4455
 
======================
Vulnerability Description
======================
 
All versions of Tiki 6 and Tiki 7, as well as Tiki 8.0 RC1, are prone to multiple XSS vulnerabilities
 

INFOSERVE-ADV2011-02 - Multiple security vulnerabilities in AShop

Advisory:
Multiple security vulnerabilities in AShop
Advisory ID:
INFOSERVE-ADV2011-02
Author:
Stefan Schurtz
Contact:
Affected Software:
Successfully tested on AShop513
Vendor URL:
Vendor Status:
fixed in Version 5.1.4
 
======================
Vulnerability Description:
======================
 
AShop is prone to multiple security vulnerabilities
 

INFOSERVE-ADV2011-03 - Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0

Advisory:
Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0
Advisory ID:
INFOSERVE-ADV2011-03
Author:
Stefan Schurtz
Contact:
Affected Software:
Successfully tested on Dolibarr 3.1.0; other versions may also be affected
Vendor URL:
Vendor Status:
fixed in the 3.1 branch
 
======================
Vulnerability Description:
======================
 
Dolibarr 3.1.0 is prone to multiple XSS vulnerabilities
 

SSCHADV2011-034 - osCSS2 "_ID" parameter Local file inclusion

Advisory:
osCSS2 "_ID" parameter Local file inclusion
Advisory ID:
SSCHADV2011-034
Author:
Stefan Schurtz
Affected Software:
Successfully tested on osCSS2 2.1.0 (latest version)
Vendor URL:
Vendor Status:
Fixed in svn branch 2.1.0 and reported in develop version 2.1.1
EDB-ID:
18099
 
======================
Vulnerability Description:
======================
 
osCSS2 2.1.0 "_ID" parameter is prone to a LFI vulnerability
 