papers

What this paper is This paper details a specific SQL injection vulnerability found in the download module of a web application called 'Free Simple Software'. The vulnerability, identified as CVE-2010-4298, allows an atta

What this paper is This paper details a SQL injection vulnerability found in the script of the WSN Links web application. It explains how an attacker can manipulate specific parameters to inject malicious SQL code, leadi

What this paper is This paper details a vulnerability in phpvidz version 0.9.5 that allows an attacker to easily discover the administrative password. The vulnerability stems from how the application stores its configura

What this paper is This paper details a vulnerability in GetSimple CMS versions 2.01 and 2.02. It describes how an attacker can gain access to administrative credentials (username and password hash) by directly accessing

What this paper is This paper describes a Metasploit Framework exploit module for a vulnerability in the PoPToP (Point-to-Point Tunneling Protocol) server. The vulnerability is a "negative read overflow" which can be tri

What this paper is This paper details a security vulnerability in PHPmotion version 1.62. Specifically, it describes how an attacker can exploit a flaw in the FCKeditor component to upload arbitrary files to the web serv