75 matches found
WordPress Easy Modal 2.0.17 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications WordPress Easy Modal Plugin Multiple Security Vulnerabilities Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Easy Modal plugin Language: PHP...
Internet Bug Bounty: Apache HTTP Request Parsing Whitespace Defects
Apache HTTP Server, prior to release 2.4.25, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated...
WordPress Tribulant Newsletters 4.6.4.2 XSS / File Disclosure
DefenseCode WebScanner DAST Advisory WordPress Tribulant Newsletters Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-012 Advisory Title: WordPress Tribulant Newsletters Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress...
WordPress AffiliateWP 2.0.8 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress AffiliateWP Plugin Security Vulnerability Advisory ID: DC-2017-05-05 Advisory Title: WordPress AffiliateWP Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress AffiliateWP Plugin Language: PHP...
WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...
Omeka 2.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
html...
Byword 2.x File Overwrite Vulnerability
The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in a byword://replace URL. Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iO...
phpFox <= 3.0.1 (ajax.php) Remote Command Execution Exploit
Exploit for php platform in category web applications ?php / ----------------------------------------------------------- phpFox = 3.0.1 ajax.php Remote Command Execution Exploit ----------------------------------------------------------- author.............: Egidio Romano aka EgiX...
Particle Wiki Index.PHP SQL Injection Vulnerability
Particle Wiki is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user- supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit...
OpenX <= 2.8.1 execute arbitrary PHP code-exploits warning-the black bar safety net
Test method: OpenX adserver version 2.8.1 and lower is vulnerable to remote code execution. To be exploited, this vulnerability requires banner / file upload permissions, such as granted to the 'advertiser' and 'administrator' roles. This vulnerability is caused by the insecure file upload...
Directory traversal flaw in shttp
The most recent version of this advisory including any updates is available at: http://www.digineo.co.uk/shttpdirectorytraversal Directory Traversal Flaw in shttp --------------------------------- Affected product: shttp Product vendor: Vito Caputo - http://serverkit.org/modules/contrib/shttp/...
CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisoryMicrosoftWindowsDHCPClientServiceRemoteBufferOverflow.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: Microsoft Windows DHC...
ROS-2-3870
2.3870 Notification on the update of the Red OS OPERATION SYSTEM No RU.29926343.02.01-01-23 Due to quality improvement and bug fixing, an updated version of MIS Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing...
ROS-2-3312
2.3312 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the firewall Operating System "RED OS" 7.3 has been released. You can contact the technical support service within the framework of your existing technical suppo...
Update for Windows 8.1 (KB3139921)
Update for Windows 8.1 KB3139921...