>> CATEGORY: Security

SiteMagic CMS 4.4.2 – Arbitrary File Upload (Authenticated)

BarracudaDrive v6.5 – Insecure Folder Permissions

Stock Management System 1.0 – Cross-Site Request Forgery (Change Username)

moziloCMS 2.0 – Persistent Cross-Site Scripting (Authenticated)

Mara CMS 7.5 – Remote Code Execution (Authenticated)

Online Book Store 1.0 – ‘id’ SQL Injection

Fuel CMS 1.4.8 – ‘fuel_replace_id’ SQL Injection (Authenticated)

BlazeDVD 7.0 Professional – ‘.plf’ Local Buffer Overflow (SEH,ASLR,DEP)

Mara CMS 7.5 – Reflective Cross-Site Scripting

CMS Made Simple 2.2.14 – Arbitrary File Upload (Authenticated)