SecPod Research Team member (Antu Sanadi) has found an XSS flaw in AR Web Content Manager (AWCM), which can be…

Folks, SecPod Research Team member (Karthik N.) has found a DLL Insecure Loading vulnerability in PowerZip application, which can be…

Folks, SecPod Research Team has found one LFI (Local File Inclusion) and XSS flaw in Openengine CMS, which can be…

Folks, SecPod Research Team member (Antu Sanadi) found persistent XSS flaw in Pecio CMS, which can be used to gain…

Folks, SecPod Research Team member (Veerendra G.G) found persistent XSS flaw in Micro CMS, which can be used to gain…

Folks, SecPod Research Team member (Veerendra G.G) found multiple XSS flaws in Wiccle Web Builder CMS and iWiccle CMS Community…

Folks,
SecPod Research Team member (Sooraj K.S) found an XSS flaw in ZeusCart Ecommerce Shopping Cart, which can be used to gain sensitive information and launch further attacks. The flaw lies in the search parameter while ZeusCart web app processes the user-supplied input and renders the content back to the client’s browser. The flaw can be exploited to inject arbitrary HTML codes and steal cookies and so on. (more…)

MS09-050 addresses the much talked about SMB2 Negotiation vulnerability. A crafted SMB packet could crash the Windows Vista/2008 systems with…

OpenVAS plugins for Microsoft Security Bulletins - July 2009 are now available in the SVN repository. The plugins can be…

The news…

Passing the 10000th Network Vulnerability Test (NVT) is a perfect occasion to report about the progress of the OpenVAS project[1].

In October 2008 the systematic development of new NVTs started with a base of around 5800 Tests. With the release of OpenVAS 2.0 in December 2008, the development was boosted and has now reached an average of 10 code updates per day.  The public OpenVAS NVT Feed Service delivers 3-10 new vulnerability tests every day. (more…)