New Windows Patch Policy At Odds With Acceptable Risk

With Microsoft’s Patch Tuesday release tomorrow, the countdown begins for application developers to button down code ahead of Microsoft’s new servicing model starting in October that could present vulnerability issues for some businesses. “Tomorrow it’s going to be business as usual, but it will...

alternatives-internationales.fr XSS vulnerability

Vulnerable URL: http://www.alternatives-internationales.fr/newsletterfr08.html Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 11:08 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2453899 VIP website status:|...

cloughpikevet.vetstreet.com XSS vulnerability

Vulnerable URL: http://cloughpikevet.vetstreet.com/blog.html?p=10?submit=xss%3Cimg%20src=x%20onerror=confirm%22OPENBUGBOUNTY%22%3E=xss%3Cimg%20src=x%20onerror=confirm%22OPENBUGBOUNTY%22%3E& Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| X...

anglaisfacile.com XSS vulnerability

Vulnerable URL: http://www.anglaisfacile.com/word.php?w=payload%22%3E%3C/iframe%3E%3Cscript%3Ealert%28%22OPENBUGBOUNTY%22%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:55 GMT Vulnerability type:| XSS Vulnerability status:|...

dirtbikerider.com XSS vulnerability

Vulnerable URL: http://www.dirtbikerider.com/site-search.php?query=%3Csvg%20onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 18:23 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

Cisco Begins Patching Equation Group ASA Zero Day

Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance ASA software exposed in the ShadowBrokers data dump. Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.79 or later. Newer versions that are also...

oups.schule.at XSS vulnerability

Vulnerable URL: http://oups.schule.at/index.php?s=1=10762==10840=&K3;====46"=51=OUPS - Portal zur Herzensbildung Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:44 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

Gratipay: Cross Site Scripting In Profile Statement

Hey Sir, I Have found Cross Site ScriptingXSS Vulnerabilities in updating profile statement, This is Advance XSS Script, You can see it XSS-Gratipay.txt You can also see it live here: https://gratipay.com/MuhaddiMu/ Steps to produce: 1 Login To Your Account. 2 Click on Edit Statement 3 Copy and...

bsdhl.com XSS vulnerability

Vulnerable URL: http://bsdhl.com/Search.asp?ModuleName==0='" Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 10:37 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4475388 VIP website status:| No Check bsdhl.co...

demo8.2s-vitrin.ir XSS vulnerability

Vulnerable URL: http://demo8.2s-vitrin.ir/?s= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check demo8.2s-vitrin.ir SSL...

ipu.org XSS vulnerability

Vulnerable URL: http://www.ipu.org/parline-e/ElectoralSystem.asp?LANG=ENG"SUBREGION=S11=1&Submit1;=Launch+query Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 12:36 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

in.ua XSS vulnerability

Vulnerable URL: http://www.in.ua/whois.php?chlng=rus='" Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 12:34 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

fcbarcelona.es XSS vulnerability

Vulnerable URL: https://www.fcbarcelona.es/buscador?keywords=%3C/title%3E%3C/script/%22-alert0-%22--%3E%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E=i:aps,k:%3C/title%3E%3C/script/%22-alert0-%22-%20-%3E%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, ...

xe003900.vls014vm05.hostmaster.sk XSS vulnerability

Vulnerable URL: http://xe003900.vls014vm05.hostmaster.sk/examuniversity.php?cat=English"= Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 23:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

lib.vippo.org.ua XSS vulnerability

Vulnerable URL: http://lib.vippo.org.ua/periodyka.php?cat=72" Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 23:26 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:|...

ColoradoFTP 1.3 Prime Edition (Build 8) Directory Traversal

Advisory Information Title: Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition Build 8 Date published: n/a Date of last update: n/a Vendors contacted: ColoradoFTP author Sergei Abramov Discovered by: Rv3Laboratory Research Team Severity: High 02. Vulnerability Information...

shoppingpenha.com.br XSS vulnerability

Vulnerable URL: http://www.shoppingpenha.com.br/?s=%27;alert/XSSPOSED///%27;alert/XSSPOSED///%22;alert/XSSPOSED///%22;alert/XSSPOSED///--%3E%3C/sCRipT%3E%22%3E%27%3E%3CsCRipT%3Ealert/XSSPOSED/%3C/sCRipT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017...

Zabbix Agent 3.0.1 mysql. size shell command injection

CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection Affected products ================= At least Zabbix Agent 1:3.0.1-1+wheezy from http://repo.zabbix.com/zabbix/3.0/debian is vulnerable. Other versions were not tested. Background ========== "Zabbix agent is deployed on a...

wersalik.pl XSS vulnerability

Vulnerable URL: http://www.wersalik.pl/szukaj.php?a=szukaj==1grid=3keyword= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 552862 VIP website status:| No Check wersalik.pl SSL...

Joshua Drake on Android Security Post-Stagefright

Joshua Drake of Zimperium Labs talks to Mike Mimoso about the last year post-Stagefright, the effectiveness of Google’s monthly patching cycle, and some of the security enhancements forthcoming in Android N. Download: JoshuaDrakeonPost-StagefrightAndroid.mp3 Music by Chris Gonsalves...