WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016...

The vulnerability of the Cisco Unified Communications Manager software allows a malicious individual to obtain a one-time code (nonce) for an ECDSA encryption algorithm.

The vulnerability exists in the implementation of the Montgomery algorithm in OpenSSL, due to the temporal impermanence of the operations involved in padding. Exploiting this vulnerability allows local users to obtain a one-time code nonce for ECDSA by attacking the cache through external channel...

The vulnerability of Cisco IPS’ software allows a malicious individual to obtain a one-time code (nonce) for ECDSA encryption.

The vulnerability exists in the implementation of the Montgomery algorithm in OpenSSL, due to the temporal impermanence of the padding operations. Exploiting this vulnerability allows local users to obtain a one-time code nonce for ECDSA by attacking the cache through external channels using the...

Untangle NGFW 12.1.0 Beta execEvil() Command Injection

!/usr/bin/python Title: Untangle NGFW " print "! and in a separat...

SOL05405841 - GCM nonce vulnerability CVE-2016-0270

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

Petya of Salsa: a modified algorithm to bring the defect-vulnerability warning-the black bar safety net

Previously the Hubble analysis of the system describes about the modified MBR for disk encryption extortion Trojan Petya's. Recently Leo Stone gives crack Petya key full blasting code and decrypt tool, and noted that Petya author is using a variant of the Salsa20 algorithm to perform key...

OptinMonster <= 1.1.4.5 - Execution of Arbitrary Shortcodes

Unauthenticated users are able to execute arbitrary WordPress shortcodes via a simple HTTP GET request. While the command is protected by a nonce, the nonce is leaked on every page load...

Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCup22487)

The remote Cisco IOS XE device is missing a vendor-supplied security patch, and its web user interface is configured to use HTTPS. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library : - An error exists in the ssl3readbytes function that could allow data to ...

Gratipay: Prevent content spoofing on /~username/emails/verify.html

Hi, When an user add his email then a verification link has been sent to that email. the link looks like this https://gratipay.com/exampleuser/emails/verify.html?email=example%40gmail.com&nonce=cb2487f6-61cf-4a8a-81af-c8fab6fe0f90 The link has three changeable things. 1. Username ex: exampleuser ...

Users Ultra Membership Plugin <= 1.5.62 - Authenticated Stored Cross-Site Scripting (XSS) & CSRF

Both pname and pdesc are vulnerable. No nonce on form so also vulnerable to CSRF. Original researcher's PoC does not work as all parameters are needed to be submitted not just the pname parameter...

SUSE-SU-2015:1983-1 Security update for squid

squid was updated to fix two security issues. These security issues were fixed: - CVE-2014-6270: Fixed an off by one in snmp subsystem bsc895773. - CVE-2014-9749: Fixed a nonce replay vulnerability in Digest authentication bsc949942...

Wordpress Ajax Load More Plugin 2.8.1.1 Upload Shell Exploit

This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu...

Authentication flaw

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."...

CVE-2014-9749

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."...

CVE-2014-9749

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."...

CVE-2014-9749

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."...

CVE-2014-9749

Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to retain access by leveraging a stale nonce, aka "Nonce replay vulnerability."...

withinsecurity: Uses unsafe-inline without nonce

Hi, I found you website using Uses unsafe-inline without nonce. Allowing unsafe-eval can increase risk of various types of attacks. Consider adding a nonce which makes injecting malicious code more difficult as an attacker would need to guess the nonce. Thanks,...

Offline WPS Bruteforce Utility: PixieWPS

Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs pixie dust attack Additional Video: http://video.adm.ntnu.no/pres/549931214e18d Pixiewps requires libssl. To install it: sudo apt-get install libssl-dev Installation:...

Amazon Linux: Security Advisory (ALAS-2014-425)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...