Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: MyWebSQL 3.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://mywebsql.net/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Vulnerability Description
None…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: OpenCart 2.0.3.1
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://www.opencart.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Vulnerability…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Supercali Event Calendar 1.0.8
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://supercali.inforest.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2….
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Supercali Event Calendar 1.0.8
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://supercali.inforest.com/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2….
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: CubeCart 6.0.7
Fixed in: 6.0.8
Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip
Vendor Contact: sales () cubecart com
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Coordinated release
CVE: n/a
Credits…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: CubeCart 6.0.7
Fixed in: 6.0.8
Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip
Vendor Contact: sales () cubecart com
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Coordinated release
CVE: n/a
Credits Tim Coen…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Quick.Cart 6.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: info () opensolution org
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Description
None of the…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Quick.Cart 6.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: info () opensolution org
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Coordinated release
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Description…
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: TheHostingTool 1.2.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://thehostingtool.com/
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2….
Posted by Curesec Research Team (CRT) on Nov 06
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: TheHostingTool 1.2.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://thehostingtool.com/
Vulnerability Type: SQL Injection
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 10/07/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2….
Software and Security Information