SecPod Research Team member (Antu Sanadi) has found a cross-site scripting vulnerability in S40 Content Management System (CMS). Input passed…

SecPod Research Team member (Antu Sanadi) has found a Denial of Service vulnerability in Allied Telesyn TFTP Server. The vulnerability…

SecPod Research Team member (Antu Sanadi) has found an XSS flaw in AR Web Content Manager (AWCM), which can be…

Folks, SecPod Research Team member (Karthik N.) has found a DLL Insecure Loading vulnerability in PowerZip application, which can be…

Folks, SecPod Research Team has found one LFI (Local File Inclusion) and XSS flaw in Openengine CMS, which can be…

Folks, SecPod Research Team member (Antu Sanadi) found persistent XSS flaw in Pecio CMS, which can be used to gain…

Folks, SecPod Research Team member (Veerendra G.G) found persistent XSS flaw in Micro CMS, which can be used to gain…

Folks, SecPod Research Team member (Veerendra G.G) found multiple XSS flaws in Wiccle Web Builder CMS and iWiccle CMS Community…

Folks,
SecPod Research Team member (Sooraj K.S) found an XSS flaw in ZeusCart Ecommerce Shopping Cart, which can be used to gain sensitive information and launch further attacks. The flaw lies in the search parameter while ZeusCart web app processes the user-supplied input and renders the content back to the client’s browser. The flaw can be exploited to inject arbitrary HTML codes and steal cookies and so on. (more…)

MS09-050 addresses the much talked about SMB2 Negotiation vulnerability. A crafted SMB packet could crash the Windows Vista/2008 systems with…