XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5

Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...

GetSimpleCMS 3.3.5 XSS / Code Execution / DoS / Weak Auth

Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...

iPhone Safari phone-auto-dial vulnerability (original date: Nov. 2008)

Released since Apple published the iPhone 3.0 security fixes. Vulnerability Report --- BEGIN ADVISORY --- Manufacturer: Apple www.apple.com Device: iPhone 3G iPhone 1st Gen Firmware: 2.1 possible earlier versions Device Type: smart phone Subsystems: Safari and mobile telephony...

pforum: mysql-injection-bug

ppp-design has found a mysql-injection-bug in pforum: Details ------- Product: pforum Version: 1.14 and maybe all versions before OS affected: all OS with php and mysql Vendor-URL: www.powie.de Vendor-Status: informed, workaround available Security-Risk: Medium-High Remote-Exploit: Yes Introducti...

[PkC] Advisory #005: Default Slackware 7.1 installation /etc/shells perms bug

/ pkc005.txt / -= SECURITY ADVISORY 005 =- | www.pkcrew.org / | / | | | | | / | | | | | / | | | | / | | / / | | | / | | | | | PkC | | | / | | | | | | || || || / Packet Knights Crew -= SECURITY ADVISORY 005 =- - Vulnerable program: Linux Slackware 7.1 default installation - Tested on: i386 from...