JVN#41703192: TOWN (modified version) vulnerable to directory traversal

TOWN modified version provided by Tattyan's HP contains a directory traversal vulnerability. Impact A remote attacker may obtain arbitrary files on the server. Solution Apply an update Update to the latest version according to the information provided by the developer. Products Affected TOWN...

WordPress Blogggie Shell Upload

Exploit Title : Wordpress Themes Bloggie Arbitrary File Upload Vulnerability Author : ReC0ded Vendor : http://themify.me/ Download : http://themify.me/themes/Bloggie Date : 22, November 2013. Type : php, html, htm, asp, etc. Category : Web Applications Vulnerability : File Upload Tested On :...

JVN#97810280: KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates

KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by th...

Light Alloy 4.7.3 - .m3u Local Buffer Overflow (SEH Unicode)

Light Alloy 4.7.3 - .m3u Local Buffer Overflow SEH Unicode !/usr/bin/perl Exploit Title: Light Alloy 4.7.3 .m3u - SEH Buffer Overflow Unicode Date: 11-18-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Light Alloy v4.7.3 Vendor Site: http://www.light-alloy.ru/...

ImpressPages CMS 3.6 Remote Code Execution

!/usr/bin/python ImpressPages CMS v3.6 manage Function Remote Code Execution Exploit Vendor: ImpressPages UAB Product web page: http://www.impresspages.org Affected version: 3.6, 3.5 and 3.1 Summary: ImpressPages CMS is an open source web content management system with revolutionary drag & drop...

Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (1)

Exploit Title : Multiple CSRF Horde Groupware Web mail Edition Author:Marcela Benetrix Date: 10/25/13 version: 5.1.2 software link:http://www.horde.org/apps/webmail GroupWare Web mail Edition Horde Groupware Webmail Edition is a free, enterprise ready, browser based communication suite. Users can...

Google to Pay Rewards For Patches to Open Source Projects

Google, one of the first companies to offer a significant bug bounty program, is extending its rewards to researchers and developers who contribute patches to a variety of open source projects and have an effect on the security of the project. The new rewards will range from $500 to $3,133.70, an...

[OWASP Zed Attack Proxy 2.2.1] Tool for finding vulnerabilities in web applications (Now supports CWE)

OWASP Zed Attack Proxy ZAP An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing...

U.S. Government asked Linus Torvalds to insert Backdoor Into Linux

At the Linuxcon conference in New Orleans today, Linus Torvalds and the other top Linux developers, talked to the Linux faithful about Linux, Microsoft, and other issues. During a question-and-answer ‪session ‬at ‪the LinuxCon, Linux Torvalds admitted to questions from the audience that the U.S...

Uninitialized data in IonMonkey — Mozilla

Software developer Dan Gohman of Google reported uninitialized data and variables in the IonMonkey Javascript engine when running the engine in Valgrind mode. This could be combined with additional exploits to allow the reading and use of previously allocated memory in some circumstances...

VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability

========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...

CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE

Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...

Java Code-Signing, Security Prompts Fail with Developers

Why would a software company require developers to sign code, thereby ensuring a modicum of trust—but not security—and then shatter that trust by allowing signed applets to bypass their own application sandbox? Welcome to the world of Oracle and Java, where a once healthy programming language has...

MikroTik RouterOS - sshd (ROSSSH) Remote Heap Corruption

MikroTik RouterOS - sshd ROSSSH Remote Heap Corruption During an audit the Mikrotik RouterOS sshd ROSSSH has been identified to have a remote previous to authentication heap corruption in its sshd component. Exploitation of this vulnerability will allow full access to the router device. This...

MikroTik RouterOS - sshd (ROSSSH) Remote Heap Corruption

During an audit the Mikrotik RouterOS sshd ROSSSH has been identified to have a remote previous to authentication heap corruption in its sshd component. Exploitation of this vulnerability will allow full access to the router device. This analysis describes the bug and includes a way to get...

VoltEdit CMS SQL Injection / Shell Upload

========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...

Android Malware Found Exploiting Google Cloud Messaging Service

Researchers have discovered a number of malicious Android apps are using Google’s Cloud Messaging service and leveraging it as a command and control server to carry out attacks. A post on Securelist today by Kaspersky Lab’s Roman Unuchek, breaks down five Trojans that have been spotted checking i...

Questions Linger About New Linux 'Hand of Thief' Trojan

It looks like cybercriminals will soon be able to add yet another Trojan to their hacking repertoire, the Hand of Thief banking malware that targets Linux machines. Currently being sold on the Russian black market, Hand of Thief is fetching $2,000 USD €1,500 EUR but could be poised to run a cool...

Joomla! Component com_sectionex 2.5.96 - SQL Injection

Joomla! Component comsectionex 2.5.96 - SQL Injection ------------------------------------------------------------------------------------- Joomla comsectionex v2.5.96 SQL Injection vulnerabilities ------------------------------------------------------------------------------------- == Descriptio...

Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability

Exploit for php platform in category web applications Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karev...