Threat Outbreak Alert RuleID17989: Email Messages Distributing Malicious Software on September 15, 2015

Medium Alert ID: 41000 First Published: 2015 September 15 13:35 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17989 may contain the following files: Name ...

Threat Outbreak Alert RuleID17854: Email Messages Distributing Malicious Software on November 18, 2015

Medium Alert ID: 40904 First Published: 2015 September 9 12:13 GMT Last Updated: 2015 November 19 13:37 GMT Version: 11 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID178...

Threat Outbreak Alert RuleID17774: Email Messages Distributing Malicious Software on September 4, 2015

Medium Alert ID: 40863 First Published: 2015 September 8 13:47 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17774 may contain the following files: Name |...

Threat Outbreak Alert RuleID17612: Email Messages Distributing Malicious Software on August 26, 2015

Medium Alert ID: 40699 First Published: 2015 August 27 13:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17612 may contain the following files: Name |...

WordPress GD bbPress Attachments plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL server to set up a personal blog site. gd bbPress Attachments is one of the support for uploading attachments to the bbPress open-source forum progra...

WordPress GD bbPress Attachments Plugin Directory Traversal Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports the PHP and MySQL server to set up a personal blog site. gd bbPress Attachments is one of the support for uploading attachments to the bbPress open-source forum progra...

CVE-2015-5482

Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. dot dot in the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

CVE-2015-5481

Cross-site scripting XSS vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

Cross site scripting

Cross-site scripting XSS vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

Directory traversal

Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. dot dot in the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

CVE-2015-5481

The CVE-2015-5481 entry documents a Cross-site scripting (XSS) vulnerability in the GD bbPress Attachments WordPress plugin. Affects versions prior to 2.3, vulnerable code resides in forms/panels.php where the tab parameter of gdbbpress_attachments (on wp-admin/edit.php) is not properly filtered,...

CVE-2015-5481

Cross-site scripting XSS vulnerability in forms/panels.php in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

CVE-2015-5482

Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. dot dot in the tab parameter in the gdbbpressattachments page to wp-admin/edit.php...

CVE-2015-5482

The CVE refers to the WordPress plugin GD bbPress Attachments, affected versions prior to 2.3. The vulnerability is a directory traversal in the gdbbpress_attachments page (tab parameter) that allows remote administrators to include and execute local files via wp-admin/edit.php. Impact is arbitra...

Novell GroupWise WebAccess Cross-Site Scripting (CVE-2014-0611)

A cross-site scripting vulnerability exists in Novell GroupWise WebAccess. The vulnerability is due to lack of input validation when handling email attachments. A remote, unauthenticated attacker can exploit this vulnerability by enticing a target user to view crafted web content. A successful...

Click-Fraud Malware Spreading via JavaScript Attachments

A new malware campaign has been spotted that has begun seeding spam messages with a downloader heavily obfuscated with JavaScript. The SANS Internet Storm Center said today that two days ago, a flood of spam messages were observed laced with .js attachments. The JavaScript obfuscates a downloader...

Threat Outbreak Alert RuleID17014: Email Messages Distributing Malicious Software on July 28, 2015

Medium Alert ID: 40192 First Published: 2015 July 28 18:07 GMT Last Updated: 2015 July 29 10:58 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17014 and...

CVE-2015-5379: Axigen XSS vulnerability for html attachments

CVEID: CVE-2015-5379 SUBJECT: Axigen XSS vulnerability for html attachments DESCRIPTION: Axigen's WebMail Ajax interface implements a view attachment function that executes javascript code that is part of email HTML attachments. This allows a malicious user to craft email messages that could expo...

WordPress GD bbPress Attachments 2.1 Cross Site Scripting / Local File Inclusion Vulnerabilities

WordPress GD bbPress Attachments plugin version 2.1 suffers from a cross site scripting and Local File Inclusion Vulnerabilities Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report:...

WordPress GD bbPress Attachments 2.1 Cross Site Scripting

Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-gd-bbpress-attachments-allows-an-attacker-to-do-almost-anything-an-admin-can/ CVE: Awaiting...