
27 April

XSS in Saurus CMS

Vulnerability ID: HTB22361
Reference: http://www.htbridge.ch/advisory/xss_in_saurus_cms.html
Product: Saurus CMS Community Edition
Vendor: Saurused Ltd
Vulnerable Version: 4.7.0
Vendor Notification: 27 April 2010 
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 


[security bulletin] HPSBMA02424 SSRT080125 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

action: install the patches and archive files listed in the Resolution

END AFFECTED VERSIONS (for HP-UX)

HISTORY
Version:1 (rev.1) - 27 April 2009 Initial release
Version:2 (rev.2) - 10 December 2009 NNM v7.01 files are on ftp.usa.hp.com
Version:3 (rev.3) - 18 August 2010 NNM v7.01 patches are available

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.


[security bulletin] HPSBMA02424 SSRT080125 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

action: install the patches and archive files listed in the Resolution

END AFFECTED VERSIONS (for HP-UX)

HISTORY
Version:1 (rev.1) - 27 April 2009 Initial release
Version:2 (rev.2) - 10 December 2009 NNM v7.01 files are on ftp.usa.hp.com

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.

[security bulletin] HPSBUX02366 SSRT080120 rev.1 - HPUX Running useradd(1M), Local Unauthorized Access

URL: http://itrc.hp.com 

END AFFECTED VERSIONS 

HISTORY 
Version:1 (rev.1) - 27 April 2009 Initial release 

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 

Support: For further information, contact normal HP Services support channel.


[security bulletin] HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access

URL: http://itrc.hp.com 

END AFFECTED VERSIONS 

HISTORY 
Version:1 (rev.1) - 27 April 2009 Initial release 
Version:2 (rev.2) - 7 May 2009 Correct patch IDs 

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 

Support: For further information, contact normal HP Services support channel.

[security bulletin] HPSBMA02525 SSRT100083 rev.1 - HP System Insight Manager Running on HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Privilege Elevation

URL: http://h18000.www1.hp.com/products/servers/management/hpsim/index.html

END AFFECTED VERSIONS (for HP-UX)

HISTORY
Version:1 (rev.1) - 27 April 2010 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.


[security bulletin] HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

URL: ftp://ss080125:ss080125@hprc.external.hp.com 

END AFFECTED VERSIONS (for HP-UX)

HISTORY 
Version:1 (rev.1) - 27 April 2009 Initial release 

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. 

Support: For further information, contact normal HP Services support channel.


XSS in DynamiXgate Affiliate Store Builder

Vulnerability ID: HTB22362
Reference: http://www.htbridge.ch/advisory/xss_in_dynamixgate.html
Product: DynamiXgate Affiliate Store Builder
Vendor: DynamiXgate Team
Vulnerable Version: Current version as of April 2010
Vendor Notification: 27 April 2010 
Vulnerability Type: XSS (Cross Site Scripting)
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Medium 
Credit: High-Tech Bridge SA (http://www.htbridge.ch/) 




Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
