779 matches found
SOL40524634 - OpenSSL vulnerability CVE-2016-0797
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
[SECURITY] Fedora 23 Update: php-htmLawed-1.1.21-1.fc23
PHP code to purify and filter HTML: make HTML markup in text secure and standard-compliant; process text for use in HTML, XHTML or XML documents; restrict HTML elements, attributes or URL protocols using black or white-lists; balance tags, check element nesting, transform deprecated attributes and...
Benefits Access - Customized SSL, Exported ContentProvider, Hardcoded secrets vulnerabilities
HackApp vulnerability scanner discovered that application Benefits Access published at the 'play' market has multiple vulnerabilities...
Metabrik - Perl Brik Platform
Smartphones have their apps, Web browsers have their apps, shells don’t. With Metabrik, we tried to merge the power of shells with the power of the Perl language by creating a platform allowing to quickly write reusable Briks. Metabrik goals: Glue the Perl language with a shell Give a standardis...
How do I Customize Unified Gateway Portal?
Use Case Portal is the first interaction point for end users and hence important to have correct representation of an organization. Customize the look and feel, color, logo and labels on the Gateway portal to brand the portal as per organizational standards. Introduction to Portal Customization...
Dimofinf 3.0.0 SQL Injection
Dimofinf CMS Automatic Cookie SQL Injection exploit Google Dork: intext:"Powered by Dimofinf" Date: 19/11/2015 Author: D35m0nd142 Software link: http://www.dimofinf.net Version: 3.0.0 Tested on: Dimofinf version 3.0.0 Sometimes it happens that the vulnerability allow you to get moderators' userna...
SOL17377 - PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
How to Activate GodMode in Windows 10
Microsoft's Windows 10, the latest version of Windows Operating System, has been creating waves since it rolled out, and reached to 110 million devices within just 2 months. If you are a long-time Windows user, you may remember a trick called, 'God Mode'. God Mode is an inbuilt, but hidden featur...
DigitalSellz: The email updates issues
The email message content at the https://www.digitalsellz.com/user//email-updates page contrary to the email customization one is not validated properly. So this form allows all the html tags and their parameters. For example, all the following tags are sent as is: Link Link alert3 and all their...
Gello: Cyanogen's Customizable Web Browser for Android
Get ready for a new Android Browser! Android ROM developer CyanogenMod has announced that it is working on a new browser for Android devices. Dubbed Gello, the open-source browser is based on Google's Chromium project and includes a ton of customization options for Android. The team provided a...
From the client game bug looking of security risks-vulnerability warning-the black bar safety net
Although the now app development a growing trend in web applications, large-scale software also makes extensive use of the existing framework with the existing frameworks and engines improve, the vast majority of security issues have been resolved. But encountered some customization needs,...
Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability (cisco-sa-20141008-asa)
A vulnerability in the Clientless SSL VPN portal customization framework could allow an unauthenticated, remote attacker to modify the content of the Clientless SSL VPN portal, which could lead to several attacks including the stealing of credentials, cross-site scripting XSS, and other types of...
OWASP SSL audit: O-Saft
O-Saft is an easy to use tool to show information about SSL certificates and test the SSL connection according to a given list of ciphers and various SSL configurations. It’s designed to be used by penetration testers, security auditors or server administrators. The idea is to show the important...
CFME: default fallback password in customization_templates.yml
It was found that the CloudForms Management Engine customization template used a default root password for newly created images if no root password was specified...
[SECURITY] Fedora 20 Update: drupal6-flag-2.1-3.fc20
Flag is a flexible flagging system that is completely customizable by the administrator. Using this module, the site administrator can provide any number of flags for nodes, comments, users, and any other type of entity. Some possibilities include bookmarks, marking important, friends, or flag as...
Exploit for Improper Input Validation in D.J.Bernstein Djbdns
What is MaraDNS MaraDNS is a free open-source computer progra...
Drupal 7.31 version of the explosion a serious SQL injection vulnerability-vulnerability warning-the black bar safety net
This morning a foreign security researchers on Twitter exposed a Drupal 7.31 version of the latest SQL injection vulnerabilities and gives using a test of the EXP code, small local structures Drupal 7.31 environment, tested, found that the use of the code can be successfully executed and the...
CVE-2014-3393
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.14, 9.0 before 9.04.24, 9.1 before 9.15.12, and 9.2 before 9.22.4 does not properly implement authentication, which allows remote attackers to...
Authentication flaw
The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.14, 9.0 before 9.04.24, 9.1 before 9.15.12, and 9.2 before 9.22.4 does not properly implement authentication, which allows remote attackers to...
Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability
A vulnerability in the Clientless SSL VPN portal customization framework could allow an unauthenticated, remote attacker to modify the content of the Clientless SSL VPN portal, which could lead to several attacks including the stealing of credentials, cross-site scripting XSS, and other types of...