5327 matches found
Theory PHP Common Vulnerabilities first bomb: installation problems-vulnerability warning-the black bar safety net
First get a copy of the source code, certainly is the first install, and the installation file will often appear problem. Generally the installation file after the installation is complete, basically not automatically delete the install file, I encountered will be automatically deleted if it...
Jetpack for WordPress: source code security analysis report
Several vulnerabilities were discovered in Automatic 'Jetpack for WordPress' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in...
US charges Chinese ex-IBM employee with Espionage
The United States federal authorities have boosted charges against a former IBM Corp. software developer in China for allegedly stealing valuable source code from his former employer in the US. Chinese national Xu Jiaqiang, 30, was arrested by the FBI in December last year, when he was charged wi...
Advanced Module Manager Free extension for Joomla!: source code security analysis report
Several vulnerabilities were discovered in Regular Labs 'Advanced Module Manager Free extension for Joomla!' software: Using Insufficiently Random Generators in Cryptography Incorrect Permissions for External Entities During XML Document Processing Incorrect User Input Filtration when Generating...
Armadito Antimalware - Backdoor AccessBypass
Armadito Antimalware - Backdoor AccessBypass / Exploit Title : Armadito antimalware - Backdoor/Bypass Date : 07-06-2016 DD-MM-YYYY Exploit Author : Ax. Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ Software Link : https://github.com/41434944/armadito-av Versi...
Armadito Antimalware - Backdoor Access/Bypass
/ Exploit Title : Armadito antimalware - Backdoor/Bypass Date : 07-06-2016 DD-MM-YYYY Exploit Author : Ax. Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ Software Link : https://github.com/41434944/armadito-av Version : No version specified. Fixed 07-06-2016...
WordPress Simple Backup 2.7.11 Plugin - Multiple Vulnerabilities
Exploit for php platform in category web applications Meta information Exploit Title: Wordpress plugin simple-backup - Multiple vulnerabilities Date: 2016-06-02 Exploit Author: PizzaHatHacker A gmail . com Vendor Homepage: DEAD LINK https://wordpress.org/plugins/simple-backup/ Software Link: DEAD...
FreeBSD-SA-16:22.libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...
FreeBSD-SA-16:20.linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:20.linux Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in Linux compatibility layer Category: core Module: linux4 Announced: 2016-05-3...
XSS Hunter is Now Open Source – Here’s How to Set It Up!
Recently I opened up XSS Hunter for public registration, this was after publishing a post on how I used XSS Hunter to hack GoDaddy via blind XSS and pointed out that many penetration testers use a very limited alert box-based pentesting methodology which will not detect these types of issues. Aft...
JVN#13794955: Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal
kml2jsonp.php contained in source code of OldGSIMaps prior to January, 2015 provided by the Geospatial Information Authority of Japan GSI contains a directory traversal vulnerability CWE-22. Impact When the product is used in Windows, a remote attacker may obtain arbitrary files from the server...
CMSimple CMS: source code security analysis report
Several vulnerabilities were discovered in CMSimple 'CMSimple CMS' software: File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Global Variables Using Insufficiently Random Generators in Cryptography HttpOnly...
FFmpeg remote file stealing vulnerabilities – moving end of the safety analysis report-vulnerability warning-the black bar safety net
0x1 vulnerability of origin FFmpeg remote file stealing vulnerabilities original source is Foreign vulnerability of the platform,the last year has been in the CTF match is used. Official in January of this year released the fixed version and published the vulnerability number CVE-2 0 1 6-1 8 9...
Symantec/Norton anti-virus engine remote Heap/Pool memory corruption vulnerability analysis CVE-2 0 1 6-2 2 0 8-a vulnerability warning-the black bar safety net
! Recently, Symantec and Norton products using the core anti-virus engine was traced to the presence of high-risk vulnerabilities. It is in the parsing by aspack early version of the packaged executable file will occur when the buffer overflow, leading to memory corruption, Windows systems blue...
Concrete5 CMS: source code security analysis report
Several vulnerabilities were discovered in Portland Labs 'Concrete5 CMS' software: File System Path Manipulation Using Global Variables Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography HttpOnly Cookies Incorrect Permissions...
FreeBSD-SA-16:19.sendmsg
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:19.sendmsg Security Advisory The FreeBSD Project Topic: Incorrect argument handling in sendmsg2 Category: core Module: kernel Announced: 2016-05-17 Credits:...
CVE-2016-1208
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...
Code injection
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...
CVE-2016-1208
The CVE-2016-1208 issue affects FileMaker Server on macOS X versions prior to 14.0.4, where the server allows remote attackers to read PHP source code via unspecified vectors. Root cause is a server-side exposure that reveals PHP sources when Custom Web Publishing with PHP is enabled. Affected pr...
CVE-2016-1208
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors...