Advisory: Achievo 1.4.5 Multiple XSS vulnerabilities
Advisory ID: SSCHADV2011-037
Author: Stefan Schurtz
Affected Software: Successfully tested on Achievo 1.4.5
Vendor URL:
Vendor Status: informed
CVE-ID: -
======================
Vulnerability Description:
======================
Achievo 1.4.5 is prone to multiple cross-site scripting vulnerabilities

Check Point Endpoint Security Client – Disconnect after 20 seconds
After connecting with the new Endpoint Security Client E75.20 or E75.10 to an R75.10 Security Gateway, the client disconnects after 20 seconds when no traffic is generated.

Advisory: Tiki Wiki CMS Groupware Multiple XSS vulnerabilities
Advisory ID: INFOSERVE-ADV2011-01
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Tiki 7.2 & 8.0 RC1
Vendor URL:
Vendor Status: fixed for Tiki 7 (New Tiki 6 LTS release in progress)
CVE-ID: CVE-2011-4454, CVE-2011-4455
======================
Vulnerability Description
======================
All versions of Tiki 6 and Tiki 7 and version Tiki 8.0RC1 are prone to multiple XSS vulnerabilities

Advisory: Multiple security vulnerabilities in AShop
Advisory ID: INFOSERVE-ADV2011-02
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on AShop513
Vendor Status: fixed in Version 5.1.4
======================
Vulnerability Description:
======================
AShop is prone to multiple security vulnerabilities

Advisory: Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0
Advisory ID: INFOSERVE-ADV2011-03
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Dolibarr 3.1.0; other versions may also be affected
Vendor Status: fixed in the 3.1 branch
======================
Vulnerability Description:
======================
Dolibarr 3.1.0 is prone to multiple XSS vulnerabilities

Advisory: osCSS2 "_ID" parameter Local file inclusion
Advisory ID: SSCHADV2011-034
Author: Stefan Schurtz
Affected Software: Successfully tested on osCSS2 2.1.0 (latest version)
Vendor URL:
Vendor Status: Fixed in svn branch 2.1.0 and reported in develop version 2.1.1
EDB-ID: 18099
======================
Vulnerability Description:
======================
osCSS2 2.1.0 "_ID" parameter is prone to a LFI vulnerability