[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 21 Update: roundcubemail-1.0.5-1.fc21

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Fedora 20 : php-5.5.21-1.fc20 (2015-1101)

22 Jan 2014, PHP 5.5.21 Core : - Upgraded cryptblowfish to version 1.3. Leigh - Fixed bug 60704 unlink bug with some files path. - Fixed bug 65419 Inside trait, self::class != CLASS. Julien - Fixed bug 65576 Constructor from trait conflicts with inherited constructor. dunglas at gmail dot com -...

X (Formerly Twitter): Insecure Data Storage in Vine Android App

Hi Twitter, - Vulnerability Class:OWASP M2 : Insecure Data Storage Every application needs to store something secret, like a website username,password, cookies etc. , internal storage is the place to do it, android sandbox prevents other applications from accessing this data but,In vine android a...

Hyperfox - HTTP and HTTPs Traffic Interceptor

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key both provided by the user. If the target machine recognizes the root CA as trusted, then...

[SECURITY] Fedora 21 Update: openvas-manager-5.0.7-1.fc21

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 20 Update: roundcubemail-1.0.4-2.fc20

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 21 Update: roundcubemail-1.0.4-2.fc21

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

DAMM - Differential Analysis of Malware in Memory

An open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an attempt to speed up the investigation process through data reduction and codifying some expert knowledge...

Piwigo 2.6.0 - picture.php?rate SQL Injection

Piwigo 2.6.0 - picture.php?rate SQL Injection ============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score...

Piwigo 2.6.0 SQL Injection

============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...

PHP/Sqlite under the Common Vulnerability analysis-vulnerability warning-the black bar safety net

0x00 before the bit SQLite as a lightweight database,PHP developers, one set not Mo where students,PHP5,which has the default integrated this lightweight embedded database products. For use with a PHP/Sqlite CMS,also there is one of these common security threats. The author of the following numbe...

Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:153)

Updated mediawiki packages fix security vulnerabilities : MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash, XSS in mediawiki.page.image.pagination.js, and clickjacking between OutputPage and ParserOutput. This update provides MediaWiki 1.23.2, fixing these and other issues...

Sqlbuddy 1.3.2 / 1.3.3 Cross Site Scripting

Exploit Title : Sqlbuddy 1.3.2 & 1.3.3 Reflected Cross-Site Scripting Author : Govind Singh aka NullPort Vendor : http://sqlbuddy.com/ Download Link : https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Sqlbuddy 1.3.3 Date : 14/07/2014 Discovered at : IHT Lab 1ND14N H4X0R5 T34M Love...

phpliteadmin <= 1.9.3 - Remote PHP Code Injection Vulnerability

No description provided by source. Exploit Title: phpliteadmin = 1.9.3 Remote PHP Code Injection Vulnerability Google Dork: inurl:phpliteadmin.php Default PW: admin Date: 01/10/2013 Exploit Author: L@usch - http://la.usch.io - http://la.usch.io/files/exploits/phpliteadmin-1.9.3.txt Vendor Homepag...

Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection

No description provided by source. + Exploit: Cells v3.3 XSS Reflected & Blind SQLite Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + version: Cells Blog 3.3 + Vendor Homepage: http://cells.tw + 14/01/2014 vendor contacted + 17/01/2014 no response from vendor +...

iOS iFileExplorer Free - Directory Traversal

No description provided by source. Exploit Title: iPod Touch/iPhone iFileExplorer Free Directory Traversal Date: 04/03/2011 UK date format Author: theSmallNothing Software Link: http://itunes.apple.com/gb/app/ifileexplorer-protect-multi/id355253462?mt=8 Version: 2.8 Tested on: iPod Touch 2G 4.1...

lightneasy sqlite / no database <= 1.2.2 - Multiple Vulnerabilities

No description provided by source. Author: GiReX mySite: girex.altervista.org Date: 14/04/08 CMS: LightNEasy SQLite / no database = 1.2.2 Site: lightneasy.org Advisory: Multiple Remote Vulnerabilities Need: magicquotesgpc = Off magicquotesgpc = On / Off for SQL Injections Bug 1: Remote File...

CMSQLITE 1.3.2 - Multiple Vulnerabiltiies

No description provided by source. Title: ====== CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Date: ===== 2012-10-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=726 VL-ID: ===== 726 Common Vulnerability Scoring System: ==================================== 4.3...

SweetRice < 0.6.4 (fckeditor) Remote File Upload

No description provided by source. Title: SweetRice 0.6.4 fckeditor Remote File Upload Vendor: http://www.basic-cms.org Dork: Powered By Basic CMS SweetRice AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...