
KORAMIS-ADV2012-002 - Alienvault OSSIM Open Source SIEM 3.1 Multiple security vulnerabilities

Advisory:
Alienvault OSSIM Open Source SIEM 3.1 Multiple security vulnerabilities
Advisory ID: KORAMIS-ADV2012-002
Contact: security@koramis.de
Author: Stefan Schurtz
Affected Software: Successfully tested on Alienvault Open Source SIEM 3.1 (32bit)
Vendor URL:
Vendor Status: informed
EDB-ID: 18800
 
==========================
Vulnerability Description
==========================
 
Alienvault OSSIM Open Source SIEM 3.1 is prone to XSS and SQL-Injection vulnerabilities
 

SSCHADV2012-009 - Star Wars Old Republic - SWTOR Char DB 1.8b Multiple security vulnerabilities

Advisory:
Star Wars Old Republic – SWTOR Char DB 1.8b Multiple security vulnerabilities
Advisory ID: SSCHADV2012-009
Author: Stefan Schurtz
Affected Software: Successfully tested on Star Wars Old Republic – SWTOR Char DB 1.8b
Vendor URL:
Vendor Status: fixed
OSVDB ID: 80841, 80842
 
======================
Vulnerability Description
======================
 
SWTOR Char DB 1.8b is prone to multiple security vulnerabilities
 

SSCHADV2012-007 - PHP Address Book 6.2.12 Multiple security vulnerabilities

Advisory:
PHP Address Book 6.2.12 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-007
Author: Stefan Schurtz
Affected Software: Successfully tested on PHP Address Book 6.2.12
Vendor URL:
Vendor Status: informed
EDB-ID: 18578
CVE-ID: CVE-2012-1911, CVE-2012-1912
 
======================
Vulnerability Description
======================
 
PHP Address Book 6.2.12 is prone to multiple XSS and SQL-Injection vulnerabilities
 

SSCHADV2012-005 - Wikidforum 2.10 Multiple security vulnerabilities

Advisory:
Wikidforum 2.10 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-005
Author: Stefan Schurtz
Affected Software: Successfully tested on Wikidforum 2.10
Vendor URL:
Vendor Status: informed
OSVDB ID: 80838, 80839, 80840
 
======================
Vulnerability Description
======================
 
Wikidforum 2.10 is prone to multiple XSS and SQL-Injection vulnerabilities
 

INFOSERVE-ADV2011-06 - Seotoaster SQL-Injection Admin Login Bypass

Advisory:
Seotoaster SQL-Injection Admin Login Bypass
Advisory ID: INFOSERVE-ADV2011-06
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on Seotoaster v.1.9
Vendor URL:
Vendor Status: fixed
 
======================
Vulnerability Description
======================
 
Seotoaster v.1.9 is prone to an SQL-Injection which bypasses the admin login
 

INFOSERVE-ADV2011-08 - PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability

Advisory:
PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability
Advisory ID: INFOSERVE-ADV2011-08
Author: Stefan Schurtz
Contact:
Affected Software: Successfully tested on PHP Inventory 1.3.1
Vendor URL:
Vendor Status: fixed
CVE-ID: CVE-2009-4595, CVE-2009-4596, CVE-2009-4597
 
======================
Vulnerability Description
======================
 
PHP Inventory is (still) prone to a SQL-Injection (Auth Bypass) vulnerability
 