Members Login

Rss Feeds

Get our latest content via RSS feeds.

Report a Vulnerability

Report a vulnerability or exploit that you have found to SecuMania.
vul[at]SecuMania.org

advertise with us

add your link here only ($10/month)

Google PageRank Checker
 

Recommended Links

Most downloaded

Latest Comments

thanks smiley
莆田SEO www.0594seo.com.cn 莆田SEM搜索引擎优化营销 www.ptsem.org.cn
hi webmaster,plz help me to find any information about account harvesting and traversal path attack ...
[…] self-propagating malware in the first place. Share this post: email it! | bookmark it! | digg ...
Hello Webmasters My name is Nikolai. I am making an organization for the protection internet users f...
good job you are the best . mgharba talmout :d
Hello, The reported problem has been fixed. Regards, Catalina Danila Online Rent Customer Supp...
Not Vulnerable: Luis Wang netOffice Dwins 1.3.1 visit website http://netofficedwins .sourceforge.ne...
Current version of script corrected. Security patch available to registered users in the user foru...
But i think to protect the password is not needed because it's not used in the SQL-Execute statement...

Who's Online

Total: 5
Members: 0 / Guests: 5
No members online

Packet Storm

Packet Storm Last 10 Exploits
Packet Storm Last 10 Advisories
Packet Storm Last 10 Tools
Packet Storm Last 10 Miscellaneous Files
Packet Storm Headlines

Links

viralcoders

lzer
Visits today: 573
Visits yesterday: 911
Visits month: 19667
Visits total: 65975
Pages total: 930489
QuickerSite Multiple Vulnerabilities Print E-mail
0
Tuesday, 03 June 2008
QuickerSite Multiple Vulnerabilities
Class: Unknown
CVE:
Remote: Yes
Local: No
Published: Jun 03 2008 12:00AM
Updated: Jun 03 2008 12:00AM
Credit:
AmnPardaz Security Research Team
Vulnerable:
QuickerSite QuickerSite 1.8.5
Not Vulnerable:
Description:
QuickerSite is prone to multiple vulnerabilities, including an SQL-injection issue, an authentication-bypass issue, multiple cross-site scripting issues and a file upload vulnerability.

Successful exploit may allow attackers to:
- access or modify data
- exploit latent vulnerabilities in the underlying database
- obtain sensitive information
- gain unauthorized access to the affected application
- upload arbitrary files and execute arbitrary server-side script code
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site

This will compromise the application and may help in further attacks.

The issues affects QuickerSite 1.8.5; other versions may also be vulnerable.
Exploit:
An attacker can exploit these issues through a browser.
Solution:
Currently SecuMania is not aware of any solution for this issue.
If you are aware of more recent information, please mail us at: vul[at]SecuMania.org.
References:
Source:
Set as favorite
Bookmark
Email This
Hits: 235
Comments (0)add
Write comment
quote
bold
italicize
underline
strike
url
image
quote
quote
smile
wink
laugh
grin
angry
sad
shocked
cool
tongue
kiss
cry
smaller | bigger

busy
 
< Prev   Next >
[ Back ]

Polls

How do you rate the SecuMania Security Portal?
 

Latest exploits

Latest vulnerabilities

Security

Spam

Viruses/Malware

Software/Programming

Linux

Microsoft

Technology

Loans | Provence Real Estate | Loans | Xbox Mod Chip | Fish Tank Helplinks VoteThisMovie PalKeys Hey3arab arabekia