David Vieira/Kurz
Vendor-Status: informed
Advisory-Status: published on 02-02-2010
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info
Affected Products:
============
Apple Safari browser 4.0.4 and prior
Vendor-Status: informed
Advisory-Status: published on 02-02-2010
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info
Affected Products:
============
Motorola Milestone(Droid) smartphone Browser with following useragent:
Vendor-URL: http://www.apple.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Affected Products
=============
Apple Mobile Safari on iOS 5.1
Prior versions may also be affected
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info
Affected Products:
----------------------------
moziloCMS 1.10.1 and prior
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.de
Affected Products:
----------------------------
BLUEPAGE CMS 2.5 and prior
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info
Affected Products:
----------------------------
PHP 5.3 and prior
> Vendor-URL: http://www.contao.org/
> Advisory-Status: published
>
> Credits
> =============
> Discovered by: David Vieira-Kurz
>
> Affected Products:
> =============
> Contao CMS 2.9.2
> Prior versions may also be vulnerable
Vendor-URL: http://www.phpkit.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Original Advisory
=============
http://www.majorsecurity.net/phpkit-wcms-xss-stored.php
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php
Affected Products:
----------------------------
Anantasoft Gazelle CMS 1.0
Vendor-Status: informed
Advisory-Status: published
Credits
************************
Discovered by: David Vieira-Kurz of HACKATTACK IT SECURITY GmbH
http://www.HACKATTACK.at || http://www.HACKATTACK.eu
Affected Products:
----------------------------
Social Engine 2.7 and prior
Vendor-URL: http://www.subdreamer.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.net/penetrationstest.php
Original Advisory
=============
http://www.majorsecurity.net/subdreamer_cms_sql_injection.php
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.de
Affected Products:
----------------------------
moziloWiki 1.0.1 and prior
Vendor-URL: http://www.wordpress.org/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Affected Products:
=============
WordPress 3.0.1
Prior versions may also be vulnerable
Vendor-URL: http://www.conpresso.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Original Advisory
=============
http://www.majorsecurity.net/conpresso_cms_xss.php
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info
Affected Products:
----------------------------
PHP 5.3 and prior
Dear SecurityFocus moderators.
Unfortunately this bug was not found by Am!r (IrIsT?) like it has been credited in this advisory. It was originally discovered by David Vieira-Kurz of MajorSecurity and published on June 3rd 2006.
BugTraq-iD: 345993 --> http://www.securityfocus.com/archive/1/435993
and BID: 18284 --> http://www.securityfocus.com/bid/18284
Original advisory: http://www.majorsecurity.de/index_2.php?major_rls=major_rls9
Vendor-URL: http://www.contao.org/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz
Affected Products:
=============
Contao CMS 2.9.2
Prior versions may also be vulnerable
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.de
Affected Products:
----------------------------
ActualAnalyzer Server 8.37 and prior
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.de
Affected Products:
----------------------------
xt:Commerce 3.04 and prior
Vendor-URL: http://www.redaks.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Original Advisory
=============
http://www.majorsecurity.net/redaks_cms_sql_injection.php
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.HACKATTACK.at / www.HACKATTACK.eu
Affected Products:
----------------------------
WEB//NEWS 1.4 and prior
Vendor-URL: http://www.redaks.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Original Advisory
=============
http://www.majorsecurity.net/redaks_CMS_xss.php
Vendor-URL: http://www.simploo.de/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz of MajorSecurity
Affected Products:
=============
Simploo CMS 1.7.1 and prior
Vendor-URL: http://www.plume-cms.net/
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php
Affected Products:
----------------------------
Plume CMS 1.2.4
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php
Affected Products:
----------------------------
Vendor-Status: informed
Advisory-Status: not yet published
Credits
************************
Discovered by: David Vieira-Kurz
http://www.HACKATTACK.at || http://www.HACKATTACK.eu
Affected Products:
----------------------------
Pro Clan Manager 0.4.2 and prior
Vendor-URL: http://www.phpfaber.com/
Advisory-Status: published
Credits
=============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.net/penetrationstest.php
Original Advisory
=============
http://www.majorsecurity.net/phpFaber_CMS_xss.php
Vendor-Status: informed
Advisory-Status: not yet published
Credits
************************
Discovered by: David Vieira-Kurz
http://www.HACKATTACK.at || http://www.HACKATTACK.eu
Affected Products:
----------------------------
Impress CMS 1.1 and prior
Vendor-Status: informed
Advisory-Status: not yet published
Credits
************************
Discovered by: David Vieira-Kurz
http://www.HACKATTACK.at
Affected Products:
----------------------------
ConPresso CMS 4.07 and prior