Date: Sat, 3 Jan 2015 10:37:15 +0100 From: Steffen Rösemann <steffen.roesemann1986@...il.com> To: oss-security@...ts.openwall.com Subject: CVE Request -- CMS Absolut Engine v. 1.73 -- Multiple vulnerabilities Hello Josh, Steve, vendors, list. I found multiple vulnerabilities in CMS Absolut Engine v.1.73 including SQL injections and a reflecting XSS vulnerability residing in its administrative backend. Can you assign a CVE ID for it? Greetings, Steffen References:  http://sroesemann.blogspot.de/2014/12/sroeadv-2014-08.html  http://sroesemann.blogspot.de/2014/12/report-for-advisory-sroeadv-2014-08.html  http://seclists.org/fulldisclosure/2014/Dec/131  http://www.absolutengine.com/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ