6653 matches found

Hacker One
added 2015/03/05 11:34 a.m., 27 views

X (Formerly Twitter): XSS in original referrer after follow

Hey hi, there is an XSS in the intent functionality. Steps to reproduce: 1. Copy and paste the following link: https://twitter.com/intent/favorite/complete?tweetid=572435913768366080&alreadyfavorited=false&originalreferer=javascript:alert%281%29; 2. Click follow. 3. Now click return...

AI score: 6.6 | Exploits: 0
Silent Robot Systems
added 2015/03/05 4:00 a.m., 20 views

Exploiting XXE Vulnerabilities in OXML Documents - Part 1

OXML is a common document format; think docx (Microsoft Word document), pptx (Microsoft PowerPoint), xlsx (Excel spreadsheet), etc. An OXML document is a zip file containing XML files and any media files. When the document is rendered, the rendering library unzips the document and then parses the...

AI score: 6.9 | Exploits: 0
OpenVAS
added 2015/03/03 12:00 a.m., 10 views

HelpDezk Multiple Vulnerabilities (Mar 2015)

HelpDezk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

AI score: 7.3 | Exploits: 0 | References: 2
Tenable Nessus
added 2015/03/02 12:00 a.m., 22 views

FreeBSD : jenkins -- multiple vulnerabilities (7480b6ac-adf1-443e-a33c-3a3c0becba1e)

Kohsuke Kawaguchi from the Jenkins team reports: Description: SECURITY-125 Combination filter Groovy script unsecured. This vulnerability allows users with the job configuration privilege to escalate their privileges, resulting in arbitrary code execution on the master. SECURITY-162 directory traversal...

AI score: 6.4 | Exploits: 0 | References: 2
Hacker One
added 2015/02/21 11:47 p.m., 18 views

X (Formerly Twitter): Redirect URL in /intent/ functionality is not properly escaped

Choose a tweet from a user that the victim follows but not favorited. Send the victim message like "Please favorite this:...

AI score: 6.1 | Exploits: 0
0day.today
added 2015/02/18 12:00 a.m., 22 views

Piwigo 2.7.3 Cross Site Scripting / SQL Injection Vulnerabilities

CMS Piwigo versions 2.7.3 and below suffer from cross site scripting and remote SQL injection vulnerabilities. Reflected XSS and SQL injection vulnerability in CMS Piwigo <= v. 2.7.3. Author: Steffen Rösemann. Affected Software: CMS Piwigo <= v. 2.7.3. Release date: 9th January 2015. Vendor URL:...

AI score: 7.9 | Exploits: 0
Fedora
added 2015/02/15 3:30 a.m., 22 views

[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.00679 | Exploits: 4
Veeam
added 2015/02/04 12:00 a.m., 17 views

“After this job” (Daisy Chain) behavior change in Veeam Backup & Replication v8

This article documents the behavioral change made to the “After this job” function in Veeam Backup & Replication v8...

AI score: 2 | Exploits: 0
Prion
added 2015/01/30 11:59 a.m., 16 views

Input validation

The kernel in Apple OS X before 10.10.2 does not properly perform identitysvc validation of certain directory-service functionality, which allows local users to gain privileges or spoof directory-service responses via unspecified vectors...

CVSS: 7.2 | AI score: 6.4 | EPSS: 0.00045 | Exploits: 0 | References: 4 | Affected Software: 1
Packet Storm
added 2015/01/29 12:00 a.m., 31 views

WordPress Geo Mashup 1.8.2 Cross Site Scripting

Vulnerability title: WordPress Geo Mashup plugin XSS. Author: Paolo Perego. CVE: CVE-2015-1383. Affected versions: <= 1.8.2. Fixed version: 1.8.3 (January 11, 2015). Product link: https://wordpress.org/plugins/geo-mashup/ Description: Geo Mashup is a WordPress plugin designed to let you save location...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.00473 | Exploits: 1
Prion
added 2015/01/28 11:59 a.m., 10 views

Design/Logic Flaw

pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.24781 | Exploits: 1 | References: 7 | Affected Software: 1
Japan Vulnerability Notes
added 2015/01/26 12:00 a.m., 30 views

JVN#27142693: NP-BBRM vulnerable in UPnP functionality

NP-BBRM provided by I-O DATA DEVICE, INC. is a LAN router. NP-BBRM contains a vulnerability in the UPnP functionality. Impact: The device may be used in a DDoS attack as an SSDP reflector. Solution: Disable UPnP. Disable UPnP functionality from the management configuration in the settings screen...

CVSS: 7.8 | AI score: 6.5 | EPSS: 0.004 | Exploits: 0
Mageia
added 2015/01/07 3:14 p.m., 11 views

Updated webmin packages fix security vulnerabilities

Updated webmin package fixes security vulnerability: The webmin package has been updated to version 1.730 to fix possible security issues that could be caused by malicious symlinks when reading mail. The updated version also has various bug fixes, translation updates, and functionality...

AI score: 3.5 | Exploits: 0 | References: 3
OSV
added 2015/01/07 3:14 p.m., 3 views

MGASA-2015-0007 Updated webmin packages fix security vulnerabilities

Updated webmin package fixes security vulnerability: The webmin package has been updated to version 1.730 to fix possible security issues that could be caused by malicious symlinks when reading mail. The updated version also has various bug fixes, translation updates, and functionality...

AI score: 7.2 | Exploits: 0 | References: 4
securityvulns
added 2014/12/29 12:00 a.m., 49 views

Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1

Advisory: Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1. Advisory ID: SROEADV-2014-02. Author: Steffen Rösemann. Affected Software: CMS Serendipity v.2.0-rc1. Release: 20th Dec 2014. Vendor URL: http://www.s9y.org/ Vendor Status: fixed. CVE-ID: - ========================== Vulnerability...

AI score: 0.5 | Exploits: 0
Tenable Nessus
added 2014/12/26 12:00 a.m., 44 views

OracleVM 3.3 : bind (OVMSA-2014-0084)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-8500 1171973 - Use /dev/urandom when generating rndc.key file 951255 - Remove bogus file from /usr/share/doc, introduced by fix for bug 1092035 - Add support for TLSA resource records...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.51542 | Exploits: 4 | References: 6
Metasploit
added 2014/12/22 4:21 p.m., 25 views

Windows Command Shell, Hidden Bind TCP Stager

Spawn a piped command shell staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 343...

AI score: 7.1 | Exploits: 0
Metasploit
added 2014/12/22 4:21 p.m., 32 views

Reflective DLL Injection, Hidden Bind TCP Stager

Inject a DLL via a reflective loader. Listen for a connection from a hidden port and spawn a command shell to the allowed host. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 343...

AI score: 7.1 | Exploits: 0
securityvulns
added 2014/12/22 12:00 a.m., 126 views

Persistent XSS Vulnerability in CMS Papoo Light v6.0.0 Rev. 4701

Advisory: Persistent XSS Vulnerability in CMS Papoo Light v6. Advisory ID: SROEADV-2014-01. Author: Steffen Rösemann. Affected Software: CMS Papoo Version 6.0.0 Rev. 4701. Vendor URL: http://www.papoo.de/ Vendor Status: fixed. CVE-ID: - ========================== Vulnerability Description:...

AI score: 5.9 | Exploits: 0
ATTACKERKB
added 2014/12/19 3:59 p.m., 2 views

CVE-2014-2026

Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00295 | Exploits: 0 | References: 7