Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: PhpSocial v2.0.0304_20222226
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Webite: http://phpsocial.net
Vulnerability Type: XSS / Open Redirect
Remote Exploitable: Yes
Reported to vendor: 11/21/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2….
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: PhpSocial v2.0.0304_20222226
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Webite: http://phpsocial.net
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 11/21/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Arastta 1.1.5
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://arastta.org/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 11/21/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS
Medium 4.3…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Arastta 1.1.5
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://arastta.org/
Vulnerability Type: SQL Injection
Remote Exploitable: Yes
Reported to vendor: 11/21/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
Arastta is…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Grawlix 1.0.3
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://www.getgrawlix.com/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS
Medium…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Grawlix 1.0.3
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://www.getgrawlix.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS
Medium…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: Grawlix 1.0.3
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://www.getgrawlix.com/
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: CouchCMS 1.4.5
Fixed in: 1.4.7
Fixed Version Link: http://www.couchcms.com/products/
Vendor Website: http://www.couchcms.com/
Vulnerability Type: XSS & Open Redirect
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Coordinated Release
CVE: n/a
Credits Tim…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: CouchCMS 1.4.5
Fixed in: 1.4.7
Fixed Version Link: http://www.couchcms.com/products/
Vendor Website: http://www.couchcms.com/
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Coordinated Release
CVE: n/a
Credits Tim Coen of…
Posted by Curesec Research Team (CRT) on Dec 23
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: esoTalk 1.0.0g4
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: toby () esotalk org
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 12/21/2015
Release mode: Full Disclosure
CVE: n/a
Credits Tim Coen of Curesec GmbH
2. Overview
CVSS
Medium 4.3…
Software and Security Information