670 matches found

CNVD
added 2015/09/15 12:0 a.m. | 1 view

Hsort Newspaper Management System Exploits Arbitrary File Download Vulnerability

Hsort Newspaper Management System is a set of software for newspapers, magazines and digital editions of publications. To update it, only the article content needs to be supplied as plain text with simple identification markers; the software then quickly generates, according to the template, the entire si...

AI score 6.9
Exploits 0 | References 1
Japan Vulnerability Notes
added 2015/04/23 5:12 a.m. | 0 views

TransmitMail vulnerable to directory traversal

Overview: TransmitMail is a PHP-based mail form. TransmitMail contains an issue in processing file names, which may result in a directory traversal (CWE-22) vulnerability. Gen Sato of TRADE WORKS Co., Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

CVSS 5 | AI score 6.9 | EPSS 0.00242
Exploits 0 | References 5
RedHat Linux
added 2015/04/16 4:2 p.m. | 1 view

jBPM: BPMN2 file processing XXE in Process Execution

It was discovered that the jBPM runtime performed expansion of external parameter entities while executing BPMN2 files. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity (XXE)...

CVSS 7.5 | AI score 5.9 | EPSS 0.00957
Exploits 0 | References 4
RedHat Linux
added 2015/03/31 5:0 p.m. | 3 views

RESTEasy: XXE via parameter entities

It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible...

CVSS 7.5 | AI score 7.4 | EPSS 0.04646
Exploits 0 | References 4
RedHat Linux
added 2015/03/11 4:51 p.m. | 1 view

RESTeasy: External entities expanded by DocumentProvider

It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessibl...

CVSS 6.4 | AI score 5.8 | EPSS 0.01262
Exploits 0 | References 4
RedHat Linux
added 2015/03/11 4:51 p.m. | 1 view

PicketLink: XXE via insecure DocumentBuilderFactory usage

It was found that the implementation of the org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method provided a DocumentBuilderFactory that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the...

CVSS 7.5 | AI score 5.7 | EPSS 0.02131
Exploits 0 | References 4
myhack58
added 2015/03/06 12:0 a.m. | 20 views

Malware cleanup: Gravity Forms arbitrary file upload - vulnerability warning - the black bar safety net

During a regular malware detection and cleanup process, we encountered one case of infection that caught our attention. Our environment does not have any special or fancy stuff, just an updated WordPress and 3 outdated plug-ins; this situation is quite reasonable. After the processing ended, the environment was clean...

AI score 6.9
Exploits 0
RedHat Linux
added 2015/02/11 8:16 p.m. | 1 view

RESTeasy: External entities expanded by DocumentProvider

It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessibl...

CVSS 6.4 | AI score 5.8 | EPSS 0.01262
Exploits 0 | References 4
RedHat Linux
added 2015/02/11 8:6 p.m. | 3 views

RESTeasy: External entities expanded by DocumentProvider

It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessibl...

CVSS 6.4 | AI score 5.8 | EPSS 0.01262
Exploits 0 | References 4
RedHat Linux
added 2014/12/15 8:35 p.m. | 7 views

Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter

It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform oth...

CVSS 5 | AI score 7.4 | EPSS 0.0075
Exploits 0 | References 5
RedHat Linux
added 2014/10/13 4:41 p.m. | 3 views

apache-poi: XML eXternal Entity (XXE) flaw

It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server, and potentially perform more advanced XML External Entity...

CVSS 4.3 | AI score 6.7 | EPSS 0.05228
Exploits 0 | References 4
RedHat Linux
added 2014/08/11 5:5 p.m. | 2 views

RESTEasy: XXE via parameter entities

It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible...

CVSS 7.5 | AI score 7.4 | EPSS 0.04646
Exploits 0 | References 4
RedHat Linux
added 2014/07/16 12:17 a.m. | 2 views

PicketLink: XXE via insecure DocumentBuilderFactory usage

It was found that the implementation of the org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method provided a DocumentBuilderFactory that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the...

CVSS 7.5 | AI score 5.7 | EPSS 0.02131
Exploits 0 | References 4
seebug.org
added 2014/07/01 12:0 a.m. | 22 views

com_flyspray Mambo Com. <= 1.0.1 - Remote File Disclosure Vulnerability

No description provided by source. Component name: com_flyspray. Affected Version: 1.0.1...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 8 views

CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/4579/info. CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m. | 30 views

mkportal <= 1.2.1 () Multiple Vulnerabilities

No description provided by source. waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal <= 1.2.1. Author: Janek Vind (waraxe). Date: 15 January 2009. Location: Estonia, Tartu. Web: http://www.waraxe.us/advisory-70.html...

AI score 7.1
Exploits 0
ThreatPost
added 2014/01/30 12:32 p.m. | 35 views

Researcher Warns of Critical Flaws in Oracle Servers

There are two vulnerabilities in some of Oracle’s older database packages that allow an attacker to access a remote server without a password and even view the server’s filesystem and dump arbitrary files. Oracle has not released a patch for one of the flaws, even though it was reported by a...

CVSS 6.4 | AI score 10 | EPSS 0.91652
Exploits 10 | References 3
ThreatPost
added 2014/01/20 11:43 a.m. | 9 views

Patched Microsoft Office 365 XSS Vulnerability Disclosed

A researcher in the UK disclosed the details of a serious cross-site scripting vulnerability in Office 365 that would allow an attacker with a mailbox on Office 365 to gain administrator rights over the Microsoft Web-based application in an organization. An exploit in an enterprise environment...

AI score 5.8
Exploits 0 | References 3
myhack58
added 2013/04/08 12:0 a.m. | 22 views

Tech-ex 6.x~8.x getshell 0day - vulnerability warning - the black bar safety net

Brief description: The submitted parameters are not checked, so the result can be written to any file on the server... Detailed description: Wap/Plus/PhotoVote.asp, lines 14-23: Dim KS:Set KS=New PublicCls Dim ID:ID = Replace(KS.S("ID")," ","") Dim ChannelID:ChannelID=KS.G("ChannelID") If ChannelID=""...

Exploits 0
Debian
added 2012/07/12 10:17 p.m. | 23 views

[SECURITY] [DSA 2510-1] extplorer security update

Debian Security Advisory DSA-2510-1 | [email protected] | http://www.debian.org/security/ | Luciano Bello | July 12, 2012 | http://www.debian.org/security/faq ...

CVSS 6.8 | AI score 5.8 | EPSS 0.00065
Exploits 1