BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities

2016-05-11 Onur Yilmaz
Information Advisory by Netsparker Name: Multiple XSS Vulnerabilities in BulletProof Security Affected Software : BulletProof Security Affected Versions: v53.3 and possibly below Vendor Homepage : https://wordpress.org/plugins/bulletproof-security/ Vulnerability Type : Cross-si

MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS

2016-02-02 Onur Yilmaz
Information Advisory by Netsparker Name: XSS Vulnerability in MailPoet Newsletters Affected Software : MailPoet Newsletters Affected Versions: v2.6.19 and possibly below Vendor Homepage : http://www.mailpoet.com/ Vulnerability Type : Cross-site Scripting Severity : Important CV

LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability

2016-01-20 Onur Yilmaz
Information Advisory by Netsparker Name: HTTP Header Injection in LiteSpeed Web Server Affected Software : LiteSpeed Web Server Affected Versions: v5.1.0 and possibly below Vendor Homepage : https://www.litespeedtech.com/ Vulnerability Type : HTTP Header Injection Severity : Me

TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390

2015-10-07 Onur Yilmaz
Information Advisory by Netsparker. Name: SQL Injection Vulnerability in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type : SQL Injection Severity : Critical Status : Fixed CVE-I

TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391

2015-10-07 Onur Yilmaz
Information Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in TestLink 1.9.13 Affected Software : TestLink Affected Versions: 1.9.1.3 and possibly below Vendor Homepage : http://testlink.org/ Vulnerability Type : Cross-site Scripting Severity : Important Status : Fi

DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584

2015-09-10 Onur Yilmaz
r Fixed 09/09/2015 - Advisory Released Credits & Authors These issues have been discovered by Onur Yilmaz while testing Netsparker Web Application Security Scanner (https://www.netsparker.com). About Netsparker Netsparker finds and reports s

Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250

2015-05-13 Onur Yilmaz
Information Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in Concrete5 Affected Software : Concrete5 Affected Versions: 5.7.3.1 and possibly below Vendor Homepage : https://www.concrete5.org Vulnerability Type : Cross-site Scripting Severity : Important CVE-ID: CVE

Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429

2015-05-07 Onur Yilmaz
Information Advisory by Netsparker. Name: DOM XSS Vulnerability in Twenty Fifteen WordPress Theme Affected Software : WordPress Affected Versions: 4.2.1 and probably below Vendor Homepage : https://wordpress.org/ and https://wordpress.org/themes/twentyfifteen/ Vulnerability Typ

Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384

2015-02-02 Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability in Banner Effect Header Affected Software : Banner Effect Header Affected Versions: 1.2.7 and possibly below Vendor Homepage : https://wordpress.org/plugins/banner-effect-header/ Vulnerability Type : Cross-site Scripting Sever

Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385

2015-01-29 Onur Yilmaz
Information Advisory by Netsparker Name: XSS Vulnerability in Blubrry PowerPress Affected Software : Blubrry PowerPress Affected Versions: 6.0 and possibly below Vendor Homepage : https://wordpress.org/plugins/powerpress/ Vulnerability Type : Cross-site Scripting Severity : Important C

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367

2014-12-19 Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability with Scope and Other URL Parameters of WebSearch Affected Software : TWiki Affected Versions: 6.0.1 and possibly below Vendor Homepage : http://www.twiki.org/ Vulnerability Type : Cross-site Scripting Severity : Import

TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325

2014-12-19 Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability with QUERYSTRING and QUERYPARAMSTRING in TWiki Affected Software : TWiki Affected Versions: 6.0.1 and possibly below Vendor Homepage : http://www.twiki.org/ Vulnerability Type : Cross-site Scripting Severity : Importan

Subrion CMS Security Advisory - XSS Vulnerability - CVE-2014-9120

2014-12-09 Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability in Subrion CMS Affected Software : Subrion CMS Affected Versions: 3.2.2 and possibly below Vendor Homepage : http://www.subrion.org/ Vulnerability Type : Cross-site Scripting Severity : Important CVE-ID: CVE-2014-9120

LiteCart Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-7183

2014-10-20 Onur Yilmaz
--- These issues have been discovered by Onur Yilmaz while testing Netsparker Web Application Security Scanner. About Netsparker Netsparker can find and report security issues and vulnerabilities such as SQL Injection and Cross-site Scripting (XSS) in all websites and web

Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280

2014-09-17 Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability in OsClass Affected Software : OsClass Affected Versions: 3.4.1 and possibly below Vendor Homepage : http://osclass.org/ Vulnerability Type : Cross-site Scripting Severity : Critical CVE-ID: CVE-2014-6280 Netsparker Advisory R

Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308

2014-09-17 Onur Yilmaz
Information --- Advisory by Netsparker. Name : LFI Vulnerability in OsClass Affected Software : OsClass Affected Versions: 3.4.1 and possibly below Vendor Homepage : http://osclass.org/ Vulnerability Type : Local File Inclusion Severity : Critical CVE-ID: CVE-2014-6308 Netsparker Advisory R