Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]
Read More →SecPod Research Team member (Shakeel Bhat) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper validation of various parameter in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data. Complete Advisory information can be found here. Advisory in CVRF format […]
Read More →SecPod Research Team member (Sooraj K.S) has found Cross-Site Scripting Vulnerabilities in Adiscon LogAnalyzer. The vulnerability is caused by improper validation of “highlight” parameter in “index.php”. This may allow an attacker to steal cookie-based authentication credentials or inject arbitrary HTML code and launch further attacks. More information can be found here. CVE Info : CVE-2012-3790 […]
Read More →SecPod Research Team member (Antu Sanadi) has found Multiple Vulnerabilities in Xataface WebAuction and Xataface Librarian DB. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. […]
Read More →SecPod Research Team member (Sooraj K.S) has found Multiple XSS and SQL Injection Vulnerabilities in MYRE Real Estate Software. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the […]
Read More →SecPod Research Team member (Sooraj K.S) has found multiple cross-site scripting vulnerability in Andy’s PHP Knowledgebase. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials or inject arbitrary HTML code and launch further attacks. More information can be found here.
Read More →