Advisory:
|
Serendipity 1.7.5 (Backend) – Multiple security vulnerabilities
|
Advisory ID:
|
SSCHADV2014-003
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Serendipity 1.7.5
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The Serendipity 1.7.5 backend is prone to multiple security vulnerabilities
Continue reading "SSCHADV2014-003 - Serendipity 1.7.5 (Backend) - Multiple security vulnerabilities"
Advisory:
|
Websitebaker Add-on ‘Concert Calendar 2.1.4’ XSS & SQLi vulnerability
|
Advisory ID:
|
SSCHADV2013-001
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Concert Calendar 2.1.4
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
Websitebaker Add-on ‘Concert Calendar 2.1.4’ is prone to a XSS and SQLi vulnerability
Continue reading "SSCHADV2013-001 - Websitebaker Add-on 'Concert Calendar 2.1.4' XSS & SQLi vulnerability"
Advisory:
|
Admidio 2.3.5 Multiple security vulnerabilities
|
Advisory ID:
|
SSCHADV2012-019
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on Admidio 2.3.5
|
Vendor URL:
|
|
Vendor Status:
|
|
CVE-ID:
|
CVE-2012-4748, CVE-2012-4749
|
======================
Vulnerability Description
======================
Admidio 2.3.5 is prone to XSS and SQLi vulnerabilities
Continue reading "SSCHADV2012-019 - Admidio 2.3.5 Multiple security vulnerabilities"
Advisory:
|
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
|
Advisory ID:
|
SSCHADV2012-017
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on MGB OpenSource Guestbook 0.6.9.1
|
Vendor URL:
|
|
Vendor Status:
|
fixed
|
======================
Vulnerability Description
======================
The MGB OpenSource Guestbook is prone to multiple security vulnerabilities
Continue reading "SSCHADV2012-017 - MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities"
Advisory:
|
PHP Address Book 7.0.0 and 8.1.9.1 Multiple security vulnerabilities
|
Advisory ID: |
SSCHADV2012-013 |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on PHP Address Book 7.0.0 and 8.1.9.1 (latest version) |
Vendor URL: |
|
Vendor Status: |
informed
|
======================
Vulnerability Description
======================
PHP Address Book 7.0.0 and 8.1.9.1 are prone to multiple XSS and SQLi vulnerabilities
Continue reading "SSCHADV2012-013 - PHP Address Book 7.0.0 and 8.1.9.1 Multiple security vulnerabilities"
Advisory:
|
Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
|
Advisory ID: |
KORAMIS-ADV2012-001 |
Contact: |
security@koramis.de |
Author: |
Stefan Schurtz |
Affected Software: |
Successfully tested on Serendipity 1.6 |
Vendor URL: |
|
Vendor Status: |
fixed
|
CVE-ID:
|
CVE-2012-2331, CVE-2012-2332
|
EDB-ID: |
18884 |
==========================
Vulnerability Description
==========================
The Serendipity backend is prone to a Cross-Site Scripting and SQL-Injection vulnerability
Continue reading "KORAMISADV2012-001 - Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability"