CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability   Exploit Title: Smartwebsites SmartCMS v.2 Multiple XSS Security Vulnerabilities Product: SmartCMS v.2 Vendor: Smartwebsites Vulnerable Versions: v.2 Tested Version: v.2 Advisory Publication: Jan 22, 2015 Latest Update: Jan 22, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-9557 CVSS Severity (version 2.0): CVSS v2 Base Score: …

Continue reading CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-8752 JCE-Tech “Video Niche Script” XSS (Cross-Site Scripting) Security Vulnerability     Exploit Title: JCE-Tech “Video Niche Script” /view.php Multiple Parameters XSS Product: “Video Niche Script” Vendor: JCE-Tech Vulnerable Versions: 4.0 Tested Version: 4.0 Advisory Publication: Nov 18, 2014 Latest Update: Nov 18, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-8752 CVSS Severity (version 2.0): …

Continue reading CVE-2014-8752 JCE-Tech “Video Niche Script” XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-7293  NYU OpenSSO Integration XSS (Cross-Site Scripting) Security Vulnerability   Exploit Title: NYU OpenSSO Integration Logon Page url Parameter XSS Product: OpenSSO Integration Vendor: NYU Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory Publication: DEC 29, 2014 Latest Update: DEC 29, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7293 Risk Level: Medium …

Continue reading CVE-2014-7293 NYU OpenSSO Integration XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-7294 NYU OpenSSO Integration Open Redirect Security Vulnerability Exploit Title: NYU OpenSSO Integration Logon Page url Parameter Open Redirect Product: OpenSSO Integration Vendor: NYU Vulnerable Versions: 2.1 and probability prior Tested Version: 2.1 Advisory Publication: DEC 29, 2014 Latest Update: DEC 29, 2014 Vulnerability Type: Open Redirect [CWE-601] CVE Reference: CVE-2014-7294 CVSS v2 Base Score: 5.8 …

Continue reading CVE-2014-7294 NYU OpenSSO Integration Open Redirect Security Vulnerability

CVE-2014-9561  Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability   Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter XSS Product: SoftBB (mods) Vendor: Softbb.net Vulnerable Versions: v0.1.3 Tested Version: v0.1.3 Advisory Publication: Jan 10, 2015 Latest Update: Jan 10, 2015 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-9561 CVSS Severity (version 2.0): CVSS v2 Base Score: 4.3 …

Continue reading CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability

CVE-2014-9560  Softbb.net SoftBB SQL Injection Security Vulnerability     Exploit Title: Softbb.net SoftBB /redir_last_post_list.php post Parameter SQL Injection Product: SoftBB (mods) Vendor: Softbb.net Vulnerable Versions: v0.1.3 Tested Version: v0.1.3 Advisory Publication: Jan 10, 2015 Latest Update: Jan 10, 2015 Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89) CVE …

Continue reading CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability