PhpMoAdmin vulnerability analysis report-vulnerability warning-the black bar safety net

phpMoAdmin is a convenient online MongoDB management tool that can be used to create, delete and modify databases and indexes, view and data search tool that provides database startup time and memory statistics, support for JSON format data import and export the php application. Recently named...

Mail.ru: Same Origin Policy bypass

Hi, After small investigation I've probably found something that can be exploited to bypass Same Origin Policy on mail.ru services specially your main domain and e.mail.ru. First of all - let's take a look about your crossdomain.xml both for mail.ru and e.mail.ru: After time spent on searching...

Group Office Calendar (calendar/json.php) SQL Injection

No description provided by source. /-------------------------------------\ | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection vulnerability locate...

Android Malware uses Google Cloud Messaging Service; infected over 5 Million Devices

The Kaspersky Lab researchers recently have discovered a number of Android malware apps are abusing the Google Cloud Messaging Service GCM as Command and Control server. The GCM service allows Android app developers to send messages using JSON Format for installed apps, but hackers exploited it f...

Android Malware uses Google Cloud Messaging Service; infected over 5 Million Devices

The Kaspersky Lab researchers recently have discovered a number of Android malware apps are abusing the Google Cloud Messaging Service GCM as Command and Control server. The GCM service allows Android app developers to send messages using JSON Format for installed apps, but hackers exploited it f...

Important: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #4

Updated Red Hat Storage 2.0 packages that fix multiple security issues, several bugs, and add enhancements are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

OpenCart 1.5.5.1 Directory Traversal Vulnerability

OpenCart version 1.5.5.1 suffers from a directory traversal vulnerability. Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 ===================================================== Author: Janek Vind "waraxe" Date: 19. March 2013 Location: Estonia, Tartu Web:...

Important: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Group-Office Calendar SQL Injection

/------------------------------------- | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection vulnerability located in the calendar module. A PHP file...

Group-Office Calendar 4.0.88 SQL Injection Vulnerability

Exploit for php platform in category web applications /-------------------------------------\ | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection...

Group Office Calendar - calendarjson.php SQL Injection

Group Office Calendar - calendarjson.php SQL Injection /-------------------------------------\ | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection...

Cross site scripting

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...