Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF
The plugin does not perform a nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged-in admin delete arbitrary text files on the web server. On Web Servers other than Windows, the /wp-content/plugins/error-log-viewer/savedlogs/...
RANSOMWARE: Ranzy Locker
On 25 October 2021, the FBI released a report documenting their findings about a ransomware variant known as Ranzy Locker. While Ranzy Locker has not been used as prolifically as Conti or Darkside, it does leverage some of the same old ransomware tricks to attack its victims. In conjunction with...
Important: Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.2.2 update
An update is now available for Red Hat JBoss BPM Suite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...
openSUSE Security Update : flash-player (openSUSE-SU-2015:0174-1)
Adobe Flash Player was updated to 11.2.202.440 (bsc#914463): - APSA15-01, CVE-2015-0311 - Update of flashplayer executable binary for i386 is not available. This binary was disabled. - Security update to 11.2.202.438 (bsc#914333): - APSB15-02, CVE-2015-0310 - Security update to 11.2.202.429 (bsc#913057)...
WinRAR Filename Spoofing
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FILEFORMAT...
Microsoft Internet Explorer 5.5/6.0 Spoofable File Extensions Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on a website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a .txt or other seemingly harmle...
CodeDB 1.1.1 - list.php Local File Inclusion
Name : CodeDB (list.php lang) Local File Inclusion Vulnerability Author : cOndemned Greetz : ZaBeaTy, str0ke, irk4z, GregStar, doctor, Adish, Avantura ; Source : // list.php 2. $lang = htmlspecialchars($_GET['lang']); // ok, but.... for what ? lol 7...
[slackware-security] libpng
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://vulners.com/cve/CVE-2008-1382 Additional information can ...