eVuln Security Advisories
We are looking for new vulnerabilities in open source web applications to keep up to date and improve our skills in website security. The result of this work is displayed in the eVuln Security Advisories list. Currently our own advisories list has 175 security advisories including 209 CVE entries.
The list of security advisories published by eVuln.
- postid SQL Injection in Social Share
2010.12.08
Version: 2010-06-05
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: medium - link and linkdescription XSS in Social Share
2010.12.07
Version: 2010-06-05
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - title,url - Non-persistent XSS in Social Share
2010.12.06
Version: 2010-06-05
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - error - Non-persistent XSS in slickMsg
2010.12.04
Version: 0.7-alpha
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - BBCode CSS XSS in slickMsg
2010.12.03
Version: 0.7-alpha
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - post - Non-persistent XSS in slickMsg
2010.12.02
Version: 0.7-alpha
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - url BBCode XSS in slickMsg
2010.12.01
Version: 0.7-alpha
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - title - Non-persistent XSS in slickMsg
2010.11.30
Version: 0.7-alpha
Status: Unpatched. vendor notified. No reply from developer(s).
Risk level: low - Non-persistent XSS in BizDir
2010.11.29
Version: v.05.10
Status: Fixed. Patched version is available.
Risk level: low - Non-persistent XSS in WWWThreads (perl version)
2010.11.28
Version: v5.0.8 Pro (perl version)
Status: Unpatched. WWWThreads notified. No reply from developer(s).
Risk level: low