Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Jan 2015 10:37:15 +0100
From: Steffen Rösemann <steffen.roesemann1986@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request -- CMS Absolut Engine v. 1.73 -- Multiple vulnerabilities

Hello Josh, Steve, vendors, list.

I found multiple vulnerabilities in CMS Absolut Engine v.1.73 including SQL
injections and a reflecting XSS vulnerability residing in its
administrative backend.

Can you assign a CVE ID for it?

Greetings, Steffen

References:

[1] http://sroesemann.blogspot.de/2014/12/sroeadv-2014-08.html
[2]
http://sroesemann.blogspot.de/2014/12/report-for-advisory-sroeadv-2014-08.html
[3] http://seclists.org/fulldisclosure/2014/Dec/131
[4] http://www.absolutengine.com/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ