WordPress LeagueManager Plugins 3.9.11 /lib/core.php SQL注入

No description provided by source...

SparkyLinux - Lightweight & fast Debian-based Linux Distribution

SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops like E19, LXDE and Openbox, multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Why Sparky? SparkyLinux is a Debian-based Linux...

[SECURITY] Fedora 23 Update: wireshark-1.12.7-2.fc23

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe

New variants of the notorious Carbanak Trojan have surfaced in Europe and the United States, and researchers say that the malware now has its own proprietary communications protocol and the samples seen so far have been digitally signed. Carbanak has been in use for several years, and researchers...

WordPress Private Only 3.5.1 CSRF / Cross Site Scripting

Details ================ Software: Private Only Version: 3.5.1 Homepage: http://wordpress.org/plugins/private-only/ Advisory report: https://security.dxw.com/advisories/csrfxss-vulnerability-in-private-only-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can/ CVE: CVE-2015-5483 CVSS:...

ownCloud: owncloud.com: Outdated plugins contains public exploits

hey There were many outdated plugins that has may public exploits available , it is strongly suggested to update these . WPML to 3.1.9 sitepress multilingual cms to 3.1.72 google analyticator to 6.9.4.4 Kindly fix these...

Fedora Update for nagios-plugins FEDORA-2015-12972

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for nagios-plugins FEDORA-2015-12987

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 23 Update: nagios-plugins-2.0.3-1.fc23

Nagios is a program that will monitor hosts and services on your network, and to email or page you when a problem arises or is resolved. Nagios runs on a Unix server as a background or daemon process, intermittently running checks on various services that you specify. The actual service checks ar...

[SECURITY] Fedora 23 Update: flac-1.3.1-5.fc23

FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...

[SECURITY] Fedora 22 Update: nagios-plugins-2.0.3-1.fc22

Nagios is a program that will monitor hosts and services on your network, and to email or page you when a problem arises or is resolved. Nagios runs on a Unix server as a background or daemon process, intermittently running checks on various services that you specify. The actual service checks ar...

Fedora 22 : nagios-plugins-2.0.3-1.fc22 (2015-12987)

Update to 2.0.3 release to fix various CVE issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 23 : nagios-plugins-2.0.3-1.fc23 (2015-12853)

Update to 2.0.3 release to fix various CVE issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 21 : nagios-plugins-2.0.3-1.fc21 (2015-12972)

Update to 2.0.3 release to fix various CVE issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Vulnerabilities Identified in Several WordPress Plugins

Researchers have identified a handful of vulnerabilities present in three different plugins used by the content management system WordPress. The issues, most of which are cross-site scripting XSS vulnerabilities, could give some users administrative privileges, warns dxw Security, a British firm...

HTTPie - a CLI, cURL-like tool for humans

HTTPie pronounced aych-tee-tee-pie is a command line HTTP client. Its goal is to make CLI interaction with web services as human-friendly as possible. It provides a simple http command that allows for sending arbitrary HTTP requests using a simple and natural syntax, and displays colorized output...

USN-2699-1 hplip vulnerability

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a machine-in-the-middle attack on printer plugin installations...

XSS Payload Management Framework: Sleepy Puppy

Sleepy Puppy is a cross-site scripting XSS payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time. Why Should I use Sleepy Puppy? Often when testing for client side injections HTML/JS/etc. security engineers are looking fo...

Multiple Cross-Site Scripting Vulnerabilities in Multiple WordPress Plugins

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in several WordPress plugins due to the program failing to adequately filter user-supplied input. An attacker is...

CVE-2014-9735

The ThemePunch Slider Revolution revslider plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to 1 upload and execute arbitrary files via an updateplugin...