170 matches found
CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS
Vulnerability title: Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS CVE: CVE-2014-3448 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The ASPX executable which is responsible for handling file...
BSS Continuity CMS 4.2.22640.0 SQL Injection
Vulnerability title: Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE: CVE-2014-3446 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: he following URL and parameters have been confirmed to suffer from Blind SQL...
BSS Continuity CMS 4.2.22640.0 Code Execution
Vulnerability title: Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS CVE: CVE-2014-3448 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The ASPX executable which is responsible for handling file...
BSS Continuity CMS 4.2.22640.0 Authentication Bypass
Vulnerability title: Insufficient ACLs in BSS Continuity CMS CVE: CVE-2014-3449 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: 4.2.22640.0 Hotfix Reported by: Jerzy Kramarz Details: The following URL was found to expose the administrative interface of the CMS to...
ENISA Outlines Security Regulations for EU Smart Grid Expansion
The European Union has set a series of ambitious goals for itself: by 2020, the 27 member states expect to collectively use 20 percent renewable energy, reduce CO2 emissions by 20 percent, and increase energy efficiency by 20 percent. In order to accomplish these goals, Europe will need to perfor...
From the In-Security Land to Security in the Cloud
From the In-Security Land to Security in the Cloud "This article aims to share with you some thoughts and concepts associated with Cloud Computing and the risks involved for those who want to venture into the benefits it offers" -- Mariano M. Río "From the In-Security Land to Security in the Clou...
Future Group's E-Commerce Portal Hacked, Disrupting Online Sales
Future Group's plan to boost online sales has encountered a cyber obstacle. Its flagship e-commerce portal, FutureBazaar, was hacked and has been non-functional for the past two days. FutureBazaar CEO Rajiv Prakash described the incident as a "denial of service attack." He stated, "The website ha...
Biz Continuity Outweighs Data Breaches: Study
Data security and breach prevention ranks low as a risk factor for most big technical companies, according to new research that identifies the most widespread concerns among the 100 largest U.S. public technology companies. Read the full article. CSO...
Large DDoS Attacks Still a Serious Problem
In the world of botnets and denial-of-service attacks, 2009 was a very interesting year. While a handful of large, noisy botnets got most of the attention, there were thousands of serious, prolonged DDoS attacks that not only chewed up huge amounts of bandwidth but likely caused major problems fo...
[ELEYTT] 10PAZDZIERNIK2007
Eleytt Research www.eleytt.com Overview: ==================== Michal Bucko, Eleytt, www.eleytt.com/michal.bucko Tomasz Polis, www.eleytt.com Credit: ==================== Michal Bucko, Eleytt, www.eleytt.com/michal.bucko Vulnerability Table =================== 1. CA Erwin Datatype Standards File...