Recent Curesec Publications

CodoForum 3.4: XSS
2015 Dec 02

CodoForum 3.4: XSS

There is an XSS vulnerability in CodoForum 3.4.  

phpwcms 1.7.9: CSRF
2015 Dec 02

phpwcms 1.7.9: CSRF

There is a CSRF vulnerability in phpwcms 1.7.9.  

phpwcms 1.7.9: Code Execution
2015 Dec 02

phpwcms 1.7.9: Code Execution

There are two Code Execution vulnerabilities in phpwcms 1.7.9. A registered user is required to exploit these issues.  

Geeklog 2.1.0: XSS
2015 Dec 02

Geeklog 2.1.0: XSS

There is a reflected XSS vulnerability in the installation script of Geeklog 2.1.0.  

Geeklog 2.1.0: Code Execution Exploit
2015 Dec 02

Geeklog 2.1.0: Code Execution Exploit

  

Geeklog 2.1.0: Code Execution
2015 Dec 02

Geeklog 2.1.0: Code Execution

There are two code execution vulnerability in the admin area of Geeklog 2.1.0.  

redaxscript 2.5.0: XSS
2015 Dec 02

redaxscript 2.5.0: XSS

There is a persistent XSS vulnerability in redaxscript 2.5.0. It requires the victim to hover over a link to trigger.  

redaxscript 2.5.0: Code Execution
2015 Dec 02

redaxscript 2.5.0: Code Execution

There is a Code Execution vulnerability in the admin area of redaxscript 2.5.0.  

appRain 4.0.3: XSS
2015 Dec 02

appRain 4.0.3: XSS

There are two reflected XSS vulnerabilities in appRain 4.0.3.  

appRain 4.0.3: Path Traversal
2015 Dec 02

appRain 4.0.3: Path Traversal

There is a Path Traversal vulnerability in appRain 4.0.3.