Tumblr Worm affects thousands blogs, spam offensive articles

A notorious group of Internet trolls says it has unleashed a worm that has littered Tumblr blogs with inflammatory and racist posts. A massive bug affecting some 8,600 unique Tumblr users. Gay Nigger Association of America, took responsibility for the attack. The infected post begins: "Dearest...

[SECURITY] Fedora 17 Update: libsocialweb-0.25.21-1.fc17

libsocialweb is a social data server which fetches data from the "social we b", such as your friend's blog posts and photos, upcoming events, recently play ed tracks, and pending eBay auctions. It also provides a service to update your status on web services which support it, such as MySpace and...

Facebook Proposes Eliminating User Voting System for Privacy Changes

Facebook today announced plans to eliminate its voting system that gave users a say in how their privacy is handled. In a statement issued Wednesday, Elliot Schrage, Vice President, Communications, Public Policy and Marketing for the Menlo Park, Calif.-based social media company, said the voting...

[SECURITY] Fedora 18 Update: libsocialweb-0.25.21-1.fc18

libsocialweb is a social data server which fetches data from the "social we b", such as your friend's blog posts and photos, upcoming events, recently play ed tracks, and pending eBay auctions. It also provides a service to update your status on web services which support it, such as MySpace and...

WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities

waraxe-2012-SA093 - Multiple Vulnerabilities in Wordpress Social Discussions Plugin ====================================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-93.html...

Design/Logic Flaw

popup.php in Virtual War aka VWar 1.6.1 R2 allows remote attackers to bypass intended member restrictions and read news posts via a modified newsid parameter in a printnews action...

CVE-2010-5065

popup.php in Virtual War aka VWar 1.6.1 R2 allows remote attackers to bypass intended member restrictions and read news posts via a modified newsid parameter in a printnews action...

CVE-2012-1590

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page...

Code injection

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page...

CVE-2012-1590

The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page...

DEBIAN-CVE-2012-4421

The createpost function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing...

DEBIAN-CVE-2010-5106

The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role...

Inherit Edit Restrictions for Child Pages

panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-26446. panel As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions:...

Inherit Edit Restrictions for Child Pages

As it said in Documentation for Page Restrictions|https://confluence.atlassian.com/display/DOC/Page+Restrictions: quote'Edit' restrictions are not inherited from the parent page, only from the space. In a space, the 'Add Pages' permission governs both the creation and the editiing of pages. See...

Fake Syria News Posted from Hacked Reuters blog and Twitter account

On Friday, Reuters blog platform was hacked with false posts and on Saturday, the @ReutersTech account on Twitter was taken over and renamed @TechMe. False tweets were sent before it was taken down. The first attack came Friday after Syrian hackers loyal to President Bashar al-Assad allegedly...

DEBIAN-CVE-2012-3385

WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors...

CVE-2012-3385

WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors...

CVE-2012-0792

mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts...

Facebook Anti-Troll System Snagging Ordinary Users

Complaints rang far and wide last week after an automated system for spotting inappropriate Facebook comments began blocking legitimate posts by the social network’s users, including prominent members like Robert Scoble. Facebook users of all stripes have received warnings about posting...

Anchor CMS 0.6 Cross Site Scripting

Exploit for php platform in category web applications Anchor CMS v0.6 Multiple Persistent XSS Vulnerabilities function xss0document.forms"xss0".submit; function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; function xss3document.forms"xss3".submit; function...