Open-AudIT Professional – 2.1.1 – Cross-Site Scripting
>> ARCHIVE: 2018-05
Open-AudIT Professional – 2.1.1 – Cross-Site Scripting
Open-AudIT Community – 2.2.0 – Cross-Site Scripting
Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to add a backdoor FTP account.
Easy Hosting Control Panel version 0.37.12.b suffers from a cross site scripting vulnerability that allows you to steal the cookie.
Easy Hosting Control Panel version 0.37.12.b suffers from multiple cross site request forgery vulnerabilities.
Easy Hosting Control Panel version 0.37.12.b suffers from an insecure cryptography vulnerability.
Easy Hosting Control Panel version 0.37.12.b suffers from a clear-text password storage vulnerability.
Easy Hosting Control Panel version 0.37.12.b suffers from an unverified password change vulnerability.
Microsoft FxCop versions 10 through 12 are vulnerable to XML injection attacks allowing local file ex-filtration and or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK…
Mantis versions 1.1.3 and earlier are vulnerable to a post-authentication remote code execution vulnerability in the sort parameter of the manage_proj_page.php page.