47153 matches found
TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2
TC-SA-2013-01: Reflected Cross-Site-Scripting XSS vulnerability in e107 CMS v1.0.2 Published: 2013/04/03 Version 1.0 Affected Products: e107 version 1.0.2 others not tested http://www.e107.org References: TC-SA-2013-01 www.tele-consulting.com/advisories/TC-SA-2013-01.txt used for updates...
[SQLi] vBilling for FreeSWITCH
vBilling for FreeSWITCH. http://blaszczakm.blogspot.com/2013/04/vbilling-freeswitch-sqli.html Michal Blaszczak 1 SQL Injection reset password any SIP account file: controllers/customer.php $sql2 = "UPDATE directoryparams SET paramvalue = '".$newpassword."' WHERE directoryid = '".$recordid."' "; 2...
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey
SEC Consult Vulnerability Lab Security Advisory 20130417-0 ======================================================================= title: Multiple vulnerabilities in Sosci Survey product: Sosci Survey vulnerable version: 2.3.04a fixed version: 2.3.04a impact: Critical homepage:...
CVE-2013-2504 : Matrix42 Service Desk XSS
43zsec SECURITY ADVISORY CVE ID : CVE-2013-2504 Product: Service Store 5.3 SP3 5.33.946.0 Vendor: matrix42 - member of asseco group Subject: Cross-site Scripting - XSS Classification: PCI 2.0: 6.5.7 PCI 1.2: 6.5.1 OWASP: A2 CWE: 79 CAPEC: 19 WASC: 08 Risk: High Effect: Remotely exploitable Author...
MailOrderWorks v5.907 - Multiple Web Vulnerabilities
Title: ====== MailOrderWorks v5.907 - Multiple Web Vulnerabilities Date: ===== 2013-01-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=798 VL-ID: ===== 796 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= Mail...
OpenText/IXOS ECM for SAP NetWeaver code exeution
ABAP code injection...
Multiple Vulnerabilities in D-Link DSL-320B
Device: DSL-320B Firmware Version: EUDSL-320B v1.23 date: 28.12.2010 Vendor URL: http://www.dlink.com/de/de/home-solutions/connect/modems-and-gateways/dsl-320b-adsl-2-ethernet-modem ============ Vulnerability Overview: ============ Access to the Config file without authentication = full...
Remote command injection in Ruby Gem kelredd-pruview 0.3.8
Remote command injection in Ruby Gem kelredd-pruview 0.3.8 Larry W. Cashdollar 4/4/2013 @larry0 Description: "A gem to ease generating image previews thumbnails of various files." https://rubygems.org/gems/kelredd-pruview Remote commands can be executed if the file name contains shell meta...
Vulnerability in Microsoft Security Essentials <v4.2
Hi @ll, versions of Microsoft Security Essentials before the current v4.2 see https://support.microsoft.com/kb/2805304 have a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account almost like https://support.microsoft.com/kb/2781197 alias...
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5
waraxe-2013-SA101 - Update Spoofing Vulnerability in Royal TS 2.1.5 =============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-101.html Description of vulnerable...
Apache VCL improper input validation
CVE-2013-0267: Apache VCL improper input validation Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache VCL 2.1, 2.2, 2.2.1, 2.3, 2.3.1 Description: Some parts of VCL did not properly validate input data. This problem was present both in the Privileges portion of...
[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9
============================================= INTERNET SECURITY AUDITORS ALERT 2013-012 - Original release date: March 19th, 2013 - Last revised: April 6th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2631...
[CVE-2013-1814] Apache Rave exposes User over API
CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to...
Open-Xchange Security Advisory 2013-04-17
Open-Xchange Security Advisory multiple vulnerabilities Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. The vendor has chosen a responsible full disclosure method to publish security issue details. Users of the software have already been provided...
[USN-1800-1] HAProxy vulnerabilities
========================================================================== Ubuntu Security Notice USN-1800-1 April 15, 2013 haproxy vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50
waraxe-2013-SA100 - Update Spoofing Vulnerability in mRemote 1.50 =============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-100.html Description of vulnerable softwar...
DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal
Title ----- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal Severity -------- High Discovered By ------------- Evan Sylvester and r@b13$ Date Discovered --------------- February 19, 2013 Vulnerability Description ------------------------- The Dell EqualLogic PS6110X is vulnerable to a...
Vulnerabilities in jPlayer
Hello 3APA3A! I want to inform you about multiple vulnerabilities in jPlayer. These are Cross-Site Scripting and Content Spoofing and vulnerabilities in jPlayer. Which is used at tens thousands of web sites and in multiple web applications. ------------------------- Affected products:...
Open-Xchange Security Advisory 2013-03-13
Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof regarding authenticity can be obtained from the...
Remote command execution for Ruby Gem ftpd-0.2.1
Remote command execution for Ruby Gem ftpd-0.2.1 2/28/2013 https://github.com/wconrad/ftpd http://rubygems.org/gems/ftpd "ftpd is a pure Ruby FTP server library. It supports implicit and explicit TLS, passive and active mode, and most of the commands specified in RFC 969. It an be used as part of...
Cisco Device Manager code execution
Code execution via JAR applications...
[SECURITY] [DSA 2653-1] icinga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2653-1 [email protected] http://www.debian.org/security/ Florian Weimer March 26, 2013 http://www.debian.org/security/faq -...
SQL Injection Vulnerability in Symphony
Advisory ID: HTB23148 Product: Symphony Vendor: http://getsymphony.com/ Vulnerable Versions: 2.3.1 and probably prior Tested Version: 2.3.1 Vendor Notification: March 13, 2013 Vendor Patch: March 24, 2013 Public Disclosure: April 3, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
[SECURITY] [DSA 2640-1] zoneminder security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2640-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 14, 2013 http://www.debian.org/security/faq -...
XSS vulnerabilities in ZeroClipboard in multiple plugins for WordPress
Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard http://seclists.org/fulldisclosure/2013/Feb/103. I wrote that this is very widespread flash-file an...
[SECURITY] [DSA 2651-1] smokeping security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2651-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 20, 2013 http://www.debian.org/security/faq -...
XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress
Hello 3APA3A! These are Cross-Site Scripting and Full path disclosure vulnerabilities in multiple themes for WordPress with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard http://seclists.org/fulldisclosure/2013/Feb/103. I wrote that this is very...
XSS vulnerabilities in ZeroClipboard and multiple web applications
Hello 3APA3A! In February I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard and multiple web applications. This is additional information on this topic. XSS vulnerabilities in ZeroClipboard http://securityvulns.ru/docs29105.html XSS vulnerabilities in YAML, Multiproject for...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Multiple Vulnerabilities in KrisonAV CMS
Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...
libarchive integer overflow
Integer overflow on zip file creation leads to buffer overflow...
[ MDVSA-2013:147 ] libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:147 http://www.mandriva.com/en/support/security/ Package : libarchive Date : April 19, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and...
MiniMagic ruby gem remote code execution
MiniMagic ruby gem remote code execution 3/12/2013 https://github.com/hcatlin/minimagick A ruby wrapper for ImageMagick or GraphicsMagick command line. Tested on both Ruby 1.9.2 and Ruby 1.8.7. If a URL is from an untrusted source, commands can be injected into it for remote code execution with t...
PHP Code Injection in FUDforum
Advisory ID: HTB23146 Product: FUDforum Vendor: FUDforum Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Vendor Notification: February 21, 2013 Vendor Patch: March 11, 2013 Public Disclosure: April 3, 2013 Vulnerability Type: Code Injection CWE-94 CVE Reference: CVE-2013-2267...
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-103.html Description of vulnerable software:...
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7
waraxe-2013-SA102 - Reflected XSS in phpMyAdmin 3.5.7 =============================================================================== Author: Janek Vind "waraxe" Date: 09. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-102.html Description of vulnerable software: phpMyAdmi...
Remote command execution in Ruby Gem ldoce 0.0.2
Remote command execution in Ruby Gem ldoce 0.0.2 Larry W. Cashdollar @larry0 3/25/2013 Ldoce Ruby Gem: Easily interface with the Longman Dictionary of Contemporary English API from Ruby: NB currently mac only as it depends on the afplay command. https://rubygems.org/gems/ldoce...
Report OWASP WAF Naxsi bypass Vulnerability
OWASP WAF Naxsi bypass Vulnerability Certain unspecified input is not properly handed in naxsisrc/naxsiutils.c naxsiunescapeuriuchar dst, uchar src, sizet size, ngxuintt type before being used to filtered. This can be exploited to bypass some WAF rules. Naxsi site https://code.google.com/p/naxsi/...
Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb and others
Hello 3APA3A! Earlier I've wrote about Content Spoofing and Cross-Site Scripting vulnerabilities in SWFUpload http://securityvulns.ru/docs29181.html. This is very popular flash-file, which is used at tens millions of web sites and in hundreds of web applications only WordPress is used at more the...
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver
ESNC-2013-004 Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver Please refer to http://www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...
SQL Injection in b2evolution
Advisory ID: HTB23152 Product: b2evolution Vendor: b2evolution Group Vulnerable Versions: 4.1.6 and probably prior Tested Version: 4.1.6 Vendor Notification: April 10, 2013 Vendor Patch: April 29, 2013 Public Disclosure: May 1, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference:...
Huawei devices buffer overflow
Multiple buffer overflows in SNMPv3 daemon...
Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable
Product Name: Vanilla Forums Vulnerable Version: Up to vanilla-core-2-0-18-4 Tested on: Windows Server 2003 Apache 2.4.3 PHP 5.4.7 MySQL 5.5.27 Vulnerability Overview: SQL-Injection is possible, because$POST arrays are not proper sanitized. You do not need to be authenticated. Vulnerability...
Vulnerabilities in multiple plugins for WordPress with jPlayer
Hello 3APA3A! I want to inform you about multiple vulnerabilities in multiple plugins for WordPress with jPlayer. These are Cross-Site Scripting and Content Spoofing and vulnerabilities. I've wrote about vulnerabilities in jPlayer earlier http://seclists.org/fulldisclosure/2013/Apr/192. jPlayer i...
[ MDVSA-2013:149 ] roundcubemail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:149 http://www.mandriva.com/en/support/security/ Package : roundcubemail Date : April 21, 2013 Affected: Business Server 1.0 Problem Description: A vulnerability has been found and corrected in roundcubemail...
Multiple buffer overflows on Huawei SNMPv3 service
Multiple buffer overflows on Huawei SNMPv3 service ================================================== ADVISORY INFORMATION Title: Multiple buffer overflows on Huawei SNMPv3 service Discovery date: 11/02/2013 Release date: 06/05/2013 Credits: Roberto Paleari [email protected], @rpaleari...
VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6
Hi @ll, the current 3CXPhone6.msi for Windows, available from http://www.3cx.com/VOIP/sip-phone/, digitally signed on 2012-07-30, installs the following outdated and vulnerable 3rd-party libraries: libeay32.dll and ssleay32.dll version 0.9.8h from 2008-05-28 of OpenSSL. The current version of...
Dell EqualLogic directory traversal
It's possible to access system files...
SEC Consult 20130404-0 :: Multiple Vulnerabilities in Censornet Professional v4 (2.1.7)
SEC Consult Vulnerability Lab Security Advisory 20130404-0 ======================================================================= title: Multiple Vulnerabilities product: Censornet Professional v4 2.1.7 vulnerable version: 2.1.7 fixed version: impact: high homepage: http://www.censornet.com/...
Vulnerabilities in multiple themes for WordPress with jPlayer
Hello 3APA3A! I want to inform you about multiple vulnerabilities in multiple themes for WordPress with jPlayer. These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities. I've wrote about vulnerabilities in jPlayer earlier...