Hippo CMS: source code security analysis report

Several vulnerabilities were discovered in Hippo 'Hippo CMS' software: Using XSL Transformation to Execute Any Code Violating the Java Object Model Missing XML document schema validation Using Broken or Risky Cryptographic Algorithm Incorrect Permissions for External Entities During XML Document...

Phabricator: HTML in Diffusion not escaped in certain circumstances

HTML in Diffusion source code listing is not escaped Steps to reproduce: have the syntax hilight turned on the file is bigger than 256kB, thus syntax hilight is claimed in header to be turned off automatically, however, plaintext file doesn't display like with regular manual syntax highlight off,...

Enonic XP: source code security analysis report

Several vulnerabilities were discovered in Enonic AS 'Enonic XP' software: Утечка пользовательских данных между сессиями Использование XSL трансформации для исполнения произвольного кода Отсутствие верификации цифровой подписи исполняемых файлов, полученных из недоверенных источников HttpOnly...

Slack: Source code leakage through GIT web access at host '52.91.137.42'

@d0znpp alerted us to the public availability of Git files on a QA server. This lead to the access to files which should have been restricted. We have enforced proper access control, and Slack awarded @d0znpp a $1,500 bounty for bringing the issue to our attention! Thank you!...

CVE-2 0 1 5-7 5 4 7 analysis and use-vulnerability and early warning-the black bar safety net

0x01 analysis This vulnerability analysis and how to build a test environment k0 chef in seebug and mrh God in the drops of the articles are written very in detail, in the following reference to Annex A of the original address. I was standing on the shoulders of Giants to write some of your own i...

DokuWiki: source code security analysis report

Several vulnerabilities were discovered in DokuWiki Community 'DokuWiki' software: Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in Cryptography Incorrect User Input Filtration when Generating Code on the Fly...

Informatica: [oneclickdrsfdc-test.informatica.com] Tomcat Example Scripts Exposed Unauthenticated

Issue The consultant identified that there is an unauthenticated installation of apache tomcat installed on the affected host. This particular installation has the /examples directory exposed which contains several scripts that execute server side code, these scripts can also be leveraged to carr...

RIPS automated mining Typecho source code security vulnerabilities-vulnerability warning-the black bar safety net

RIPS is a source code analysis tool, which uses static analysis technology to automate the mining of the PHP source code for potential security vulnerabilities. Penetration testers can directly easily review the results of the analysis, without review of the entire program code. Since static sour...

Theory PHP Common Vulnerabilities first bomb: installation problems-vulnerability warning-the black bar safety net

First get a copy of the source code, certainly is the first install, and the installation file will often appear problem. Generally the installation file after the installation is complete, basically not automatically delete the install file, I encountered will be automatically deleted if it...

Jetpack for WordPress: source code security analysis report

Several vulnerabilities were discovered in Automatic 'Jetpack for WordPress' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using the unserialize Function Using Insufficiently Random Generators in...

US charges Chinese ex-IBM employee with Espionage

The United States federal authorities have boosted charges against a former IBM Corp. software developer in China for allegedly stealing valuable source code from his former employer in the US. Chinese national Xu Jiaqiang, 30, was arrested by the FBI in December last year, when he was charged wi...

Advanced Module Manager Free extension for Joomla!: source code security analysis report

Several vulnerabilities were discovered in Regular Labs 'Advanced Module Manager Free extension for Joomla!' software: Using Insufficiently Random Generators in Cryptography Incorrect Permissions for External Entities During XML Document Processing Incorrect User Input Filtration when Generating...

Armadito Antimalware - Backdoor AccessBypass

Armadito Antimalware - Backdoor AccessBypass / Exploit Title : Armadito antimalware - Backdoor/Bypass Date : 07-06-2016 DD-MM-YYYY Exploit Author : Ax. Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ Software Link : https://github.com/41434944/armadito-av Versi...

Armadito Antimalware - Backdoor Access/Bypass

/ Exploit Title : Armadito antimalware - Backdoor/Bypass Date : 07-06-2016 DD-MM-YYYY Exploit Author : Ax. Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ Software Link : https://github.com/41434944/armadito-av Version : No version specified. Fixed 07-06-2016...

WordPress Simple Backup 2.7.11 Plugin - Multiple Vulnerabilities

Exploit for php platform in category web applications Meta information Exploit Title: Wordpress plugin simple-backup - Multiple vulnerabilities Date: 2016-06-02 Exploit Author: PizzaHatHacker A gmail . com Vendor Homepage: DEAD LINK https://wordpress.org/plugins/simple-backup/ Software Link: DEAD...

FreeBSD-SA-16:22.libarchive

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...

FreeBSD-SA-16:20.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:20.linux Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in Linux compatibility layer Category: core Module: linux4 Announced: 2016-05-3...

XSS Hunter is Now Open Source – Here’s How to Set It Up!

Recently I opened up XSS Hunter for public registration, this was after publishing a post on how I used XSS Hunter to hack GoDaddy via blind XSS and pointed out that many penetration testers use a very limited alert box-based pentesting methodology which will not detect these types of issues. Aft...

JVN#13794955: Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal

kml2jsonp.php contained in source code of OldGSIMaps prior to January, 2015 provided by the Geospatial Information Authority of Japan GSI contains a directory traversal vulnerability CWE-22. Impact When the product is used in Windows, a remote attacker may obtain arbitrary files from the server...

CMSimple CMS: source code security analysis report

Several vulnerabilities were discovered in CMSimple 'CMSimple CMS' software: File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Global Variables Using Insufficiently Random Generators in Cryptography HttpOnly...