Recent Curesec Publications

redaxscript 2.5.0: Code Execution
2015 Dec 02

redaxscript 2.5.0: Code Execution

There is a Code Execution vulnerability in the admin area of redaxscript 2.5.0.  

appRain 4.0.3: XSS
2015 Dec 02

appRain 4.0.3: XSS

There are two reflected XSS vulnerabilities in appRain 4.0.3.  

appRain 4.0.3: Path Traversal
2015 Dec 02

appRain 4.0.3: Path Traversal

There is a Path Traversal vulnerability in appRain 4.0.3.  

appRain 4.0.3: CSRF
2015 Dec 02

appRain 4.0.3: CSRF

None of the forms of appRain 4.0.3 have CSRF protection.  

appRain 4.0.3: Code Execution
2015 Dec 02

appRain 4.0.3: Code Execution

appRain 4.0.3, Code Execution, vulnerability, advisory  

AlegroCart 1.2.8: SQL Injection
2015 Nov 13

AlegroCart 1.2.8: SQL Injection

There is an SQL Injection vulnerability in the admin area of AlegroCart 1.2.8.  

AlegroCart 1.2.8: LFI/RFI
2015 Nov 13

AlegroCart 1.2.8: LFI/RFI

There is an LFI/RFI vulnerability in the admin area of AlegroCart 1.2.8.  

LiteCart 1.3.2: Multiple XSS
2015 Nov 13

LiteCart 1.3.2: Multiple XSS

There are multiple XSS vulnerabilities in LiteCart 1.3.2.  

ClipperCMS 1.3.0: XSS
2015 Nov 13

ClipperCMS 1.3.0: XSS

There are multiple XSS vulnerabilities in ClipperCMS 1.3.0.  

ClipperCMS 1.3.0: SQL Injection
2015 Nov 13

ClipperCMS 1.3.0: SQL Injection

There are multiple SQL Injection vulnerabilities in ClipperCMS 1.3.0.