WordPress Order Export Import Plugin <= 1.0.8 - Order Information Disclosure
This plugin is prone to an order information disclosure vulnerability. It allows attackers to export all orders without being authenticated. Solution: Update the plugin...
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure Exploit Title: WordPress Plugin Order Export Import for WooCommerce Link: https://wordpress.org/plugins/order-import-export-for-woocommerce/ Version: 1.0.8 Date: 19th 2016 Exploit Author: contact a david-peltier d...
WordPress Order Export Import for WooCommerce Plugin - Order Information Disclosure
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Order Export Import for WooCommerce Link: https://wordpress.org/plugins/order-import-export-for-woocommerce/ Version: 1.0.8 Date: 19th 2016 Exploit Author: contact a david-peltier d fr Vendor Homepage:...
Order Export Import for WooCommerce 1.0.8 - Order Information Disclosure
The Order Export & Order Import for WooCommerce WordPress plugin was affected by an Order Information Disclosure security vulnerability...
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
Exploit Title: WordPress Plugin Order Export Import for WooCommerce Link: https://wordpress.org/plugins/order-import-export-for-woocommerce/ Version: 1.0.8 Date: 19th 2016 Exploit Author: contact a david-peltier d fr Vendor Homepage: xadapter.com Version: 1.0.8 Timeline: Vuln found: 17-09-2016,...
MS16-107: Description of the security update for PowerPoint 2013: September 13, 2016
MS16-107: Description of the security update for PowerPoint 2013: September 13, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file. To learn more about these vulnerabilitie...
[SECURITY] Fedora 23 Update: phpMyAdmin-4.6.4-2.fc23
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.4-2.fc24
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
SUSE-SU-2016:2209-1 Security update for libtcnative-1-0
This update for libtcnative-1-0 fixes the following issues: - Disable 512-bit export-grade cryptography to prevent Logjam vulnerability (CVE-2015-4000, bsc#938945)...
MGASA-2016-0291 Updated phpmyadmin packages fix security vulnerability
In phpMyAdmin before 4.4.15.8, the decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Also, the same initialization vector (IV) is used to hash the username and...
PT-2016-7226 · Qemu Team +3 · Qemu +3
Name of the Vulnerable Software and Affected Versions: QEMU (aka Quick Emulator), affected versions not specified. Description: A directory traversal issue exists, allowing local guest OS administrators to access host files outside the export path by utilizing a .. (dot dot) in an unspecified string...
UBUNTU-CVE-2016-7116
Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string...
TYPO3 'Import/Export' Subcomponent Remote Security Bypass Vulnerability
TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A remote security bypass vulnerability exists in the TYPO3 'Import/Export' Subcomponent. An attacker could exploit the vulnerability to perform unauthorized actions...
SUSE SLES11 Security Update : kernel (SUSE-SU-2016:1672-1)
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. Notable changes in this kernel: - It is now possible to mount an NFS export on the exporting host directly. The following security bugs were fixed: - CVE-2016-5244: A kernel information leak in...
How to Export and Import StoreFront Subscription Database on StoreFront 3.6
This article explains how to export and import a StoreFront subscription database on StoreFront 3.6. Background: The previous versions of StoreFront had different commands to export and import a StoreFront subscription database. The previous commands are now obsolete. The following is the previous...
WordPress Plugin Mail Masta 1.0 - Local File Inclusion
WordPress Plugin Mail Masta 1.0 - Local File Inclusion + Date: 23-8-2016 + Author: Guillermo Garcia Marcos + Vendor: https://downloads.wordpress.org/plugin/mail-masta.zip + Title: Mail Masta WP Local File Inclusion + info: Local File Inclusion The File Inclusion vulnerability allows an attacker to...
Flashlight - LED Torch Light - Exported components, External URLs, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Flashlight - LED Torch Light published at the 'play' market has multiple vulnerabilities...
LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...
GitLab: Ability to access all user authentication tokens, leads to RCE
Vulnerability details: The project export feature serializes the user objects of team members and stores it in the project.json file. This object contains the authentication_token for every user, meaning that an attacker can simply go ahead and create a project on GitLab.com, add one of the admins ...
How to Export a VDISK with Versions
Export existing vDisk from PVS vDisk Store and import as a new vDisk...