16 matches found
WordPress Plugin Better WP Security 3.4.83.4.93.4.103.5.23.5.3 - Persistent Cross-Site Scripting
WordPress Plugin Better WP Security 3.4.83.4.93.4.103.5.23.5.3 - Persistent Cross-Site Scripting ======= Summary ======= Name: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE Release Date: 30 July 2013 Reference: NGS00500 Discoverer: Richard Warren Vendor: Bit51 Vendor...
Oracle Hyperion 11 - Directory Traversal
Oracle Hyperion 11 - Directory Traversal ======= Summary ======= Name: Oracle Hyperion 11 - Directory Traversal Release Date: 30 July 2013 Reference: NGS00434 Discoverer: Richard Warren Vendor: Oracle Vendor Reference: S0318807 Systems Affected: Oracle Hyperion 11.1.1.3, 11.1.1.4.107 and earlier,...
Bit51 Better WP Security Plugin XSS / Command Execution
======= Summary ======= Name: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE Release Date: 30 July 2013 Reference: NGS00500 Discoverer: Richard Warren Vendor: Bit51 Vendor Reference: Systems Affected: Bit51 Better WP Security Plugin Version 3.4.8/3.4.9/3.4.10/3.5.2/3.5.3 Risk...
NGS000330 Technical Advisory: Squiz CMS File Path Traversal
======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray [email protected] Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published ======== TimeLine ========...
NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection
======= Summary ======= Name: Nagios XI Network Monitor - OS Command Injection Release Date: 30 November 2012 Reference: NGS00196 Discoverer: Daniel Compton [email protected] Vendor: Nagios Vendor Reference: 0000283 Systems Affected: Nagios XI Network Monitor 2011R1.9 Risk: High Status...
Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download
Symantec Messaging Gateway 9.5.3-3 - Arbitrary File Download ======= Summary ======= Name: Symantec Messaging Gateway - Arbitrary file download is possible with a crafted URL authenticated Release Date: 30 November 2012 Reference: NGS00266 Discoverer: Ben Williams Vendor: Symantec Vendor Referenc...
NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow
======= Summary ======= Name: Oracle Gridengine sgepasswd Buffer Overflow Release Date: 30 November 2012 Reference: NGS00107 Discoverer: Edward Torkington [email protected] Vendor: Oracle Vendor Reference: Systems Affected: Multiple packages - version 62u7 Risk: High Status: Publish...
NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email
======= Summary ======= Name: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email Release Date: 30 November 2012 Reference: NGS00268 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk:...
NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL
======= Summary ======= Name: Symantec Messaging Gateway - Arbitrary file download is possible with a crafted URL authenticated Release Date: 30 November 2012 Reference: NGS00266 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec...
NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator
======= Summary ======= Name: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator for example Release Date: 30 November 2012 Reference: NGS00263 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway...
Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery
======= Summary ======= Name: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator for example Release Date: 30 November 2012 Reference: NGS00263 Discoverer: Ben Williams Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk: High Status:...
Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
======= Summary ======= Name: Symantec Messaging Gateway - Arbitrary file download is possible with a crafted URL authenticated Release Date: 30 November 2012 Reference: NGS00266 Discoverer: Ben Williams Vendor: Symantec Vendor Reference: Systems Affected: Symantec Messaging Gateway 9.5.3-3 Risk:...
Squiz CMS 11654 File Path Traversal
======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published ======== TimeLine ======== Discovered: 29 June 2012 Release...
Nagios XI Network Monitor 2011R1.9 OS Command Injection
======= Summary ======= Name: Nagios XI Network Monitor - OS Command Injection Release Date: 30 November 2012 Reference: NGS00196 Discoverer: Daniel Compton Vendor: Nagios Vendor Reference: 0000283 Systems Affected: Nagios XI Network Monitor 2011R1.9 Risk: High Status: Published ======== TimeLine...
SysAid Helpdesk 8.5 Pro SQL Injection Vulnerability
SysAid Helpdesk version 8.5 Pro suffers from multiple remote blind SQL injection vulnerabilities. ======= Summary ======= Name: SysAid Helpdesk Pro - Blind SQL Injection Release Date: 30 November 2012 Reference: NGS00241 Discoverer: Daniel Compton Vendor: SysAid Vendor Reference: Systems Affected...
Squiz CMS 11654 File Path Traversal Vulnerability
Exploit for php platform in category web applications ======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published...