Advisory: Alienvault OSSIM Open Source SIEM 3.1 Multiple security vulnerabilities
Advisory ID: KORAMIS-ADV2012-002
Contact: security@koramis.de
Author: Stefan Schurtz
Affected Software: Successfully tested on Alienvault Open Source SIEM 3.1 (32-bit)
Vendor URL:
Vendor Status: informed
EDB-ID: 18800
==========================
Vulnerability Description
==========================
Alienvault OSSIM Open Source SIEM 3.1 is prone to XSS and SQL-Injection vulnerabilities

Advisory: Star Wars Old Republic – SWTOR Char DB 1.8b Multiple security vulnerabilities
Advisory ID: SSCHADV2012-009
Author: Stefan Schurtz
Affected Software: Successfully tested on Star Wars Old Republic – SWTOR Char DB 1.8b
Vendor URL:
Vendor Status: fixed
OSVDB ID: 80841, 80842
======================
Vulnerability Description
======================
SWTOR Char DB 1.8b is prone to multiple security vulnerabilities

Advisory: PHP Address Book 6.2.12 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-007
Author: Stefan Schurtz
Affected Software: Successfully tested on PHP Address Book 6.2.12
Vendor URL:
Vendor Status: informed
EDB-ID: 18578
CVE-ID: CVE-2012-1911, CVE-2012-1912
======================
Vulnerability Description
======================
PHP Address Book 6.2.12 is prone to multiple XSS and SQL-Injection vulnerabilities

Advisory: Wikidforum 2.10 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-005
Author: Stefan Schurtz
Affected Software: Successfully tested on Wikidforum 2.10
Vendor URL:
Vendor Status: informed
OSVDB ID: 80838, 80839, 80840
======================
Vulnerability Description
======================
Wikidforum 2.10 is prone to multiple XSS and SQL-Injection vulnerabilities

Advisory: Seotoaster SQL-Injection Admin Login Bypass
Advisory ID: INFOSERVE-ADV2011-06
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Seotoaster v.1.9
Vendor URL:
Vendor Status: fixed
======================
Vulnerability Description
======================
Seotoaster v.1.9 is prone to an SQL-Injection that bypasses the admin login

Advisory: PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability
Advisory ID: INFOSERVE-ADV2011-08
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on PHP Inventory 1.3.1
Vendor URL:
Vendor Status: fixed
CVE-ID: CVE-2009-4595, CVE-2009-4596, CVE-2009-4597
======================
Vulnerability Description
======================
PHP Inventory is (still) prone to a SQL-Injection (Auth Bypass) vulnerability