Skip to content

SSCHADV2012-020 - PHPExcel 1.7.7 Cross-Site Scripting vulnerability

Advisory:
PHPExcel 1.7.7 Cross-Site Scripting vulnerability
Advisory ID:
SSCHADV2012-020
Author:
Stefan Schurtz
Affected Software:
Successfully tested on PHPExcel 1.7.7
Vendor URL:
Vendor Status:
informed
 
======================
Vulnerability Description
======================
 
PHPExcel 1.7.7 is prone to a Cross-Site Scripting vulnerability
 
Continue reading "SSCHADV2012-020 - PHPExcel 1.7.7 Cross-Site Scripting vulnerability"

SSCHADV2012-018 - SaltOS 3.1 Cross-Site Scripting vulnerability

Advisory:
SaltOS 3.1 Cross-Site Scripting vulnerability
Advisory ID:
SSCHADV2012-018
Author:
Stefan Schurtz
Affected Software:
Successfully tested on SaltOS 3.1 r4908
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
SaltOS 3.1 is prone to a Cross-Site Scripting vulnerability, because of using PHPExcel 1.7.7 (latest version)
 
Continue reading "SSCHADV2012-018 - SaltOS 3.1 Cross-Site Scripting vulnerability"

SSCHADV2012-016 - WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple XSS vulnerabilities

Advisory:
WordPress Plugin ‘Quick Post Widget’ 1.9.1 Multiple XSS vulnerabilities
Advisory ID:
SSCHADV2012-016
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Quick Post Widget 1.9.1
Vendor URL:
Vendor Status:
informed
CVE-ID:
CVE-2012-4226
 
======================
Vulnerability Description
======================
 
The WordPress plugin Quick Post Widget 1.9.1 is prone to multiple XSS vulnerabilities
 
Continue reading "SSCHADV2012-016 - WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple XSS vulnerabilities"
Imprint | Contact | Privacy Statement