SecPod Labs

Security Research

In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

Micro CMS Persistent Cross-Site Scripting Vulnerability

CVE Research

Folks, SecPod Research Team member (Veerendra G.G) found a persistent XSS flaw in Micro CMS, which can be used to gain sensitive information and launch further attacks. The flaw lies in name parameters while the web application processes the user-supplied input and renders the content back to the clie...

Sep 27, 2010 • 1 min read

Pecio CMS Cross-Site scripting Vulnerability

CVE Research

Folks, SecPod Research Team member (Antu Sanadi) found a persistent XSS flaw in Pecio CMS, which can be used to gain sensitive information and launch further attacks. The flaw lies in search parameters while the web application processes the user-supplied input and renders the content back to the clie...

Sep 27, 2010 • 1 min read

Multiple XSS Vulnerabilities in Wiccle Web Builder CMS and iWiccle CMS Community Builder

CVE Research

Folks, SecPod Research Team member (Veerendra G.G) found multiple XSS flaws in Wiccle Web Builder CMS and iWiccle CMS Community Builder M, which can be used to gain sensitive information and launch further attacks. Multiple flaws lie in multiple parameters while the web application processes the us...

Sep 12, 2010 • 1 min read

XSS Vulnerability in ZeusCart Shopping Cart [0day]

CVE Research

Folks, SecPod Research Team member (Sooraj K.S) found an XSS flaw in ZeusCart Ecommerce Shopping Cart, which can be used to gain sensitive information and launch further attacks. The flaw lies in the search parameter while the ZeusCart web app processes the user-supplied input and renders the content ba...

Aug 04, 2010 • 1 min read

Remote OpenVAS check for MS09-050

CVE Research

MS09-050 addresses the much-talked-about SMB2 Negotiation vulnerability. A crafted SMB packet could crash Windows Vista/2008 systems with a blue screen.

Oct 14, 2009 • 1 min read

Microsoft Bulletins Plugins – Jul09

CVE Research

OpenVAS plugins for Microsoft Security Bulletins – July 2009 are now available in the SVN repository. The plugins can also be synced via the openvas-nvt-sync method.

Jul 14, 2009 • 1 min read

MS08-067 (Conficker worm) detection – OpenVAS plugin

CVE Research

Conficker worm variants A, B and C depend on a vulnerability in the Microsoft Server service. Microsoft released advisory MS08-067 back in October 2008 to address this vulnerability. As was expected at that time, a number of attacks are spreading, the major one being the Conficker worm via the co...

Mar 31, 2009 • 2 min read

Exploit Shield

CVE Research

In the world of computer security and exploitation, we come across many security tools. Some of them are quite useful; for some, you have to plug them in and out in a few days. However, the antivirus company F-Secure developed an application called Exploit Shield, which is mainly prioritizing ...

Dec 29, 2008 • 4 min read