Advisory:
|
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
|
Advisory ID:
|
SSCHADV2012-014
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Joomla 2.5.6
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
With activated "Module Language Switcher – position-4" (Extensions -> Modules -> Module Manager: Module Language Switcher), multiple XSS are possible.
Continue reading "SSCHADV2012-014 - Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities"
Advisory:
|
Admidio 2.3.5 Multiple security vulnerabilities
|
Advisory ID:
|
SSCHADV2012-019
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Admidio 2.3.5
|
Vendor URL:
|
|
Vendor Status:
|
|
CVE-ID:
|
CVE-2012-4748, CVE-2012-4749
|
======================
Vulnerability Description
======================
Admidio 2.3.5 is prone to XSS and SQLi vulnerabilities
Continue reading "SSCHADV2012-019 - Admidio 2.3.5 Multiple security vulnerabilities"
Advisory:
|
PHPExcel 1.7.7 Cross-Site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2012-020
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on PHPExcel 1.7.7
|
Vendor URL:
|
|
Vendor Status:
|
|
======================
Vulnerability Description
======================
PHPExcel 1.7.7 is prone to a Cross-Site Scripting vulnerability
Continue reading "SSCHADV2012-020 - PHPExcel 1.7.7 Cross-Site Scripting vulnerability"
Advisory:
|
SaltOS 3.1 Cross-Site Scripting vulnerability
|
Advisory ID:
|
SSCHADV2012-018
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on SaltOS 3.1 r4908
|
Vendor URL:
|
|
Vendor Status:
|
|
======================
Vulnerability Description
======================
SaltOS 3.1 is prone to a Cross-Site Scripting vulnerability, because of using PHPExcel 1.7.7 (latest version)
Continue reading "SSCHADV2012-018 - SaltOS 3.1 Cross-Site Scripting vulnerability"
Advisory:
|
WordPress Plugin ‘Quick Post Widget’ 1.9.1 Multiple XSS vulnerabilities
|
Advisory ID:
|
SSCHADV2012-016
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Quick Post Widget 1.9.1
|
Vendor URL:
|
|
Vendor Status:
|
|
|
CVE-2012-4226
|
======================
Vulnerability Description
======================
The WordPress plugin Quick Post Widget 1.9.1 is prone to multiple XSS vulnerabilities
Continue reading "SSCHADV2012-016 - WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple XSS vulnerabilities"
Advisory:
|
ATutor 2.0.3 Multiple XSS vulnerabilities |
Advisory ID: |
SSCHADV2012-002 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on ATutor 2.0.3 |
Vendor URL: |
|
Vendor Status: |
fixed
|
|
|
======================
Vulnerability Description
======================
ATutor 2.0.3 is prone to multiple XSS vulnerabilities
Continue reading "SSCHADV2012-002 - ATutor 2.0.3 Multiple XSS vulnerabilities"