SecPod Research Team member (Thanga Prakash) has found Multiple Cross-site Scripting Vulnerabilities and SQL injection vulnerability in WordPress HTML5 MP3 Player with Playlist plugin. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, inject or manipulate SQL queries in the back-end […]

Read More →

SecPod Research Team member (Antu Sanadi) has found Cross-Site Scripting and SQL Injection Vulnerabilities in NetArt Media Pharmacy System. The vulnerability is caused by improper validation of various parameters in multiple pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the […]

Read More →

SecPod Research Team member (Antu Sanadi) has found an SQL Injection Vulnerabilities in NetArt Media iBoutique. The vulnerability is caused by improper validation of ‘key’ parameter in ‘/index.php’. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. More information can be found here. Welcome any feedback or suggestion. Cheers! SecPod Research […]

Read More →

SecPod Research Team member (Antu Sanadi) has found Multiple Persistence Cross-Site Scripting and SQL Injection Vulnerabilities in ArticleSetup. The vulnerability is caused by improper validation of various parameters in multiple pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying […]

Read More →

SQL injection attacks are the techniques used by hackers to inject malicious SQL queries into the Web Applications to steal information from the stored database. SQL injection attacks are on the rise and these days attackers are targeting Social Networking Sites, Online Shopping Cart web pages and other such web based applications. Search Engines are […]

Read More →