Archive for the ‘Session Hijacking’ Category

Joomla! Amblog Component “catid” and “articleid” SQLi

August 25th, 2010

Application: Joomla!
Affected Version: 1.0 and other versions.
Vendor’s URL: Amblog Component
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitised.

Content Management, Session Hijacking, SQL Injection

vbDrupal SQL Injection and XSS

July 17th, 2008

Application: vbDrupal
Affected Version:
Vendor’s URL: vbDrupal
Bug Type: SQL Injection and Cross Site Scripting
Risk Level: Critical

Solution:
Update to version 5.8.0.

Content Management, Cross Site Scripting, Session Hijacking, SQL Injection

Zen Cart Vulnerability

July 20th, 2007

Application: Zen Cart
Affected Version: 1.3.7; other versions may also be affected
Vendor’s URL: http://www.zencart.com/
Bug Type: Session Hijacking
Risk Level: Medium

Solution:
- Update to zen-cart-v1.3.7-full-patched-07012007

E-Commerce, Session Hijacking