
9459 matches found

0day.today
added 2015/08/19 12:0 a.m., 24 views

ModX Revolution 2.3.5-pl Cross Site Scripting Vulnerability

ModX Revolution version 2.3.5-pl suffers from a reflective cross site scripting vulnerability. ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability Security Advisory – Curesec Research Team 1. Introduction Affected Product: ModX Revolution 2.3.5-pl Fixed in: not fixed Fixed...

6.7 AI score
Exploits 0
0day.today
added 2015/08/19 12:0 a.m., 38 views

Bolt 2.2.4 Shell Upload Vulnerability

Bolt version 2.2.4 suffers from a code execution vulnerability via shell upload. Bolt 2.2.4: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: Bolt 2.2.4 Fixed in: 2.2.5 Fixed Version Link: http://bolt.cm/distribution/archive/bolt-2.2.5.zip Vendor Contact:...

7.6 AI score
Exploits 0
0day.today
added 2015/08/19 12:0 a.m., 34 views

CodoForum 3.3.1 - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications CodoForum 3.3.1: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team http://blog.curesec.com/article/blog/CodoForum-331-Multiple-SQL-Injection-Vulnerabilities-42.html 1. Introduction Affected Product: CodoForum 3.3...

7.1 AI score
Exploits 0
Packet Storm
added 2015/08/18 12:0 a.m., 36 views

ModX Revolution 2.3.5-pl Cross Site Scripting

ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability Security Advisory – Curesec Research Team 1. Introduction Affected Product: ModX Revolution 2.3.5-pl Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Reflected XSS Remote...

7.4 AI score
Exploits 0
exploitpack
added 2015/08/18 12:0 a.m., 15 views

CodoForum 3.3.1 - Multiple SQL Injections

CodoForum 3.3.1 - Multiple SQL Injections CodoForum 3.3.1: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team http://blog.curesec.com/article/blog/CodoForum-331-Multiple-SQL-Injection-Vulnerabilities-42.html 1. Introduction Affected Product: CodoForum 3.3.1 Fixed in:...

0.3 AI score
Exploits 0
exploitpack
added 2015/08/18 12:0 a.m., 16 views

BigTree CMS 4.2.3 - (Authenticated) SQL Injection

BigTree CMS 4.2.3 - Authenticated SQL Injection BigTree CMS 4.2.3: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team Online-Reference: http://blog.curesec.com/article/blog/BigTree-CMS-423-Multiple-SQL-Injection-Vulnerabilities-39.html 1. Introduction Affected Produc...

0.5 AI score
Exploits 0
Exploit DB
added 2015/08/18 12:0 a.m., 26 views

BigTree CMS 4.2.3 - (Authenticated) SQL Injection

BigTree CMS 4.2.3: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team Online-Reference: http://blog.curesec.com/article/blog/BigTree-CMS-423-Multiple-SQL-Injection-Vulnerabilities-39.html 1. Introduction Affected Product: BigTree CMS 4.2.3 Fixed in: 4.2.4 Fixed Versi...

7.4 AI score
Exploits 0
ThreatPost
added 2015/08/17 3:11 p.m., 17 views

Schneider Electric Modicon M340 PLC Station P34 Module HMI Vulnerabilities

Update Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON. The Industrial Control System Cyber Emergency Response Team ICS-CERT released an alert late last week and patches are currently being validated according to ICS-CE...

0.2 AI score
Exploits 0, References 3
Mageia
added 2015/08/13 8:56 p.m., 45 views

Updated gdk-pixbuf2.0 package fixes security vulnerability

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash CVE-2015-4491...

6.8 CVSS, 7.8 AI score, 0.084 EPSS
Exploits 0, References 3
Vulnerability Lab
added 2015/08/13 12:0 a.m., 20 views

Shopify - Persistent Embed POST Inject Vulnerability

Document Title: =============== Shopify - Persistent Embed POST Inject Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1556 Video View: https://www.youtube.com/watch?v=5qiJ4UjJtQ Release Date: ============= 2015-08-13 Vulnerability Laboratory ID VL-ID:...

7.1 AI score
Exploits 0
CNVD
added 2015/08/13 12:0 a.m., 1 views

McAfee Application Control Denial of Service Vulnerability

McAfee Application Control is a suite of program control software from the U.S.-based company McAfee. The software protects enterprise servers and endpoints from unauthorized applications and malware threats by using a dynamic trust model. A denial of service vulnerability exists in McAfee...

6.7 AI score
Exploits 0, References 1
Mozilla
added 2015/08/12 12:0 a.m., 46 views

Integer overflows in libstagefright while processing MP4 video metadata — Mozilla

Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash...

9.3 CVSS, 6.2 AI score, 0.04021 EPSS
Exploits 0, References 2, Affected Software 2
Mozilla
added 2015/08/11 12:0 a.m., 32 views

Use-after-free in MediaStream playback — Mozilla

Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash...

10 CVSS, 8.9 AI score, 0.06328 EPSS
Exploits 0, References 2, Affected Software 4
Mozilla
added 2015/08/11 12:0 a.m., 46 views

Out-of-bounds write with Updater and malicious MAR file — Mozilla

Security researcher Holger Fuhrmannek reported that if the Updater opens a MAR format file with a specially crafted name, an out-of-bounds write will occur. This can lead to a potentially exploitable crash but requires that the malicious MAR format file be present on the local system and the...

4.6 CVSS, 8.8 AI score, 0.00344 EPSS
Exploits 0, References 3, Affected Software 5
Mozilla
added 2015/08/11 12:0 a.m., 47 views

Heap overflow in gdk-pixbuf when scaling bitmap images — Mozilla

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf affecting Linux systems using Gnome. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash...

6.8 CVSS, 7.5 AI score, 0.084 EPSS
Exploits 0, References 2, Affected Software 4
Mozilla
added 2015/08/11 12:0 a.m., 35 views

Out-of-bounds read with malformed MP3 file — Mozilla

Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstanc...

7.5 CVSS, 6.9 AI score, 0.04769 EPSS
Exploits 0, References 2, Affected Software 4
Packet Storm
added 2015/08/10 12:0 a.m., 51 views

BigTree CMS 4.2.3 Cross Site Scripting

BigTree CMS 4.2.3: Multiple Cross Site Scripting Vulnerabilities Security Advisory – Curesec Research Team Online Reference: http://blog.curesec.com/article/blog/BigTree-CMS-423-Multiple-Cross-Site-Scripting-Vulnerabilities-38.html 1. Introduction Affected Product: BigTree CMS 4.2.3 Fixed in: 4.2...

7.4 AI score
Exploits 0
Packet Storm
added 2015/08/07 12:0 a.m., 18 views

Tomabo MP4 Player 3.11.3 SEH Buffer Overflow

!/usr/bin/python Exploit Title: Tomabo MP4 Player 3.11.3 - .m3u SEH Buffer Overflow Date: 03/08/2015 Exploit Author: Saeid Atabaki E-Mail: bytecod3r gmail.com, saeid Nsecurity.org Linkedin: https://www.linkedin.com/in/saeidatabaki Vendor Homepage: http://tomabo.com/mp4-player/index.html Version:...

0.6 AI score
Exploits 0
exploitpack
added 2015/07/27 12:0 a.m., 55 views

Xceedium Xsuite - Multiple Vulnerabilities

Xceedium Xsuite - Multiple Vulnerabilities See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt --------------------------------------------------------------------- modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02...

7.5 CVSS, 0.3 AI score, 0.20829 EPSS
Exploits 10
Vulnerability Lab
added 2015/07/27 12:0 a.m., 14 views

Apple iTunes & AppStore - Persistent Store Vulnerability

Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...

0.2 AI score
Exploits 0