[SECURITY] Fedora 25 Update: roundcubemail-1.2.3-1.fc25

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Contenido v4.9.11 - (Backend) Multiple XSS Vulnerabilities

Document Title: =============== Contenido v4.9.11 - Backend Multiple XSS Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1928 Release Date: ============= 2016-10-10 Vulnerability Laboratory ID VL-ID: ====================================...

[SECURITY] Fedora 25 Update: filezilla-3.21.0-1.fc25

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFT P - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...

[SECURITY] Fedora 23 Update: drupal7-entity_translation-1.0-0.9.beta5.fc23

Allows fieldable entities to be translated into different languages, by introducing entity/field translation for the new translatable fields capability in Drupal 7. Maintained by the Drupal core i18n team. This project does not replace the Internationalization http://drupal.org/project/i18n...

[SECURITY] Fedora 24 Update: drupal7-entity_translation-1.0-0.9.beta5.fc24

Allows fieldable entities to be translated into different languages, by introducing entity/field translation for the new translatable fields capability in Drupal 7. Maintained by the Drupal core i18n team. This project does not replace the Internationalization http://drupal.org/project/i18n...

ISPConfig 3.0.5 Cross Site Request Forgery

!-- tanks: Dr Ms Jk - n1arash - Milad Hacking - malahsky...

[SECURITY] Fedora 24 Update: roundcubemail-1.1.5-1.fc24

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Debian Security Advisory DSA 3518-1 (spip - security update)

Several vulnerabilities were found in SPIP, a website engine for publishing, resulting in code injection. CVE-2016-3153 g0uZ et sambecks, from team root-me, discovered that arbitrary PHP code could be injected when adding content. CVE-2016-3154 Gilles Vincent discovered that deserializing untrust...

WordPress Multilingual CMS Plugin <= 3.1.7.1 - Full Path Disclosure

This plugin is prone to a full path disclosure vulnerability. Solution Update plugin...

WordPress Multilingual CMS Plugin <= 3.1.7.1 - Full Path Disclosure

This plugin is prone to a full path disclosure vulnerability. Solution Update plugin...

[SECURITY] Fedora 21 Update: roundcubemail-1.1.2-1.fc21

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Drupal Cloudwords for Multilingual Drupal module cross-site scripting vulnerability

Drupal is a free and open source content management system developed in PHP and maintained by the Drupal community. cloudwords for Multilingual Drupal is one of the modules that provides multiple language translations. A cross-site scripting vulnerability exists in the Drupal Cloudwords for...

CVE-2015-3347

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3347

Cross-site request forgery CSRF vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of unspecified victims via an unknown menu callback...

CVE-2015-3347

The CVE-2015-3347 entry concerns the Cloudwords for Multilingual Drupal module for Drupal 7.x before 7.x-2.3, where a Cross-Site Request Forgery (CSRF) vulnerability could allow remote attackers to hijack a victim’s authenticated session via an unspecified menu callback. Public references confirm...

CVE-2015-3348

Cross-site scripting XSS vulnerability in the Cloudwords for Multilingual Drupal module before 7.x-2.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

CVE-2015-3348

CVE-2015-3348 concerns the Cloudwords for Multilingual Drupal module (Drupal 7.x) prior to 7.x-2.3. The vulnerability is an XSS flaw where remote authenticated users can inject arbitrary script/HTML via a node title due to insufficient sanitization. Affected software: Cloudwords for Multilingual ...