
47153 matches found

securityvulns
added 2015/06/08 12:0 a.m., 35 views

Wing FTP Server security vulnerabilities

Code execution and CSRF in web interface...

AI score: 2.8
Exploits: 1, References: 2, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 78 views

CRUCMS Crucial Networking - SQL Injection Vulnerability

Document Title: =============== CRUCMS Crucial Networking - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1497 Release Date: ============= 2015-05-18 Vulnerability Laboratory ID VL-ID: ==================================== 14...

AI score: 0.5
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 156 views

[SECURITY] [DSA 3280-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3280-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 07, 2015 http://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 2.4, EPSS: 0.69613
Exploits: 7

securityvulns
added 2015/06/08 12:0 a.m., 74 views

Ektron CMS 9.10 SP1 - XSS Vulnerability

Vulnerability type: Cross-site Scripting Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.102 Patched version: 9.10 SP1 Build 9.1.0.184.1.114 Credit: Jerold Hoong PROOF OF CONCEPT XSS Cross-site scripting XSS vulnerability in...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 60 views

Ektron CMS 9.10 SP1 - XSS Vulnerability

Vulnerability type: Cross-site Scripting Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.102 Patched version: 9.10 SP1 Build 9.1.0.184.1.114 Credit: Jerold Hoong PROOF OF CONCEPT XSS Cross-site scripting XSS vulnerability in...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 45 views

[SECURITY] [DSA 3279-1] redis security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3279-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini June 06, 2015 http://www.debian.org/security/faq -...

CVSS: 10, AI score: 2.2, EPSS: 0.08757
Exploits: 2

securityvulns
added 2015/06/08 12:0 a.m., 87 views

CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability)

Dear readers, we just fixed a recently reported vulnerability in Apache Jackrabbit's WebDAV module; see - the attached CVE report - patches for all currently maintained Jackrabbit branches We just released Jackrabbit 2.10.1 see below and we'll get to the other branches shortly. Check the CVE for...

CVSS: 6.4, AI score: 0.1, EPSS: 0.31034
Exploits: 6

securityvulns
added 2015/06/08 12:0 a.m., 51 views

Ektron CMS 9.10 SP1 - CSRF Vulnerability

Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.114 Patched version: 9.10 SP1 Build 9.1.0.184.1.120 CVE ID: CVE-2015-3624 Credit: Jerold Hoong PROOF OF CONCEPT CSRF Cross-site...

CVSS: 5.8, AI score: 0.3, EPSS: 0.00751
Exploits: 5

securityvulns
added 2015/06/08 12:0 a.m., 62 views

Symphony CMS XSS Vulnerability

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ Vendor: ================================ http://www.silverstripe.org/software/download Product: ================================ SilverStripe CMS & Framework v3.1.13 Advisory...

AI score: 6.2
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 60 views

CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS]

Exploit Title: WordPress Free Counter Plugin Stored XSS Date: 2015/05/25 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://www.free-counter.org Software Link: https://wordpress.org/plugins/free-counter/ Version: 1.1 Tested on: WordPress 4.2.2...

CVSS: 4.3, AI score: 5.3, EPSS: 0.01451
Exploits: 5

securityvulns
added 2015/06/08 12:0 a.m., 101 views

CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4

Title: CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4 Submitter: Nitin Venkatesh Product: Encrypted Contact Form Wordpress Plugin Product URL: https://wordpress.org/plugins/encrypted-contact-form/ Vulnerability Type: Cross-site...

CVSS: 6.8, AI score: 0.4, EPSS: 0.01352
Exploits: 5

securityvulns
added 2015/06/08 12:0 a.m., 55 views

Webgrind XSS vulnerability

Credits: John Page hyp3rlinx Domains: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/AS-WEBGRIND0520.txt Vendor: https://github.com/jokkedk/webgrind Product: Webgrind is a Xdebug Profiling Web Frontend in PHP. Advisory Information:...

AI score: 6.3
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 232 views

[SECURITY] [DSA 3265-1] zendframework security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3265-1 [email protected] http://www.debian.org/security/ David Prévot May 20, 2015 http://www.debian.org/security/faq -...

CVSS: 7.5, AI score: 1.4, EPSS: 0.03436
Exploits: 2

securityvulns
added 2015/06/08 12:0 a.m., 60 views

Symphony CMS 2.6.2

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-SYMPHONY0606.txt Vendor: ================================ www.getsymphony.com/download/ Product: ================================ Symphony CMS 2.6.2 Advisory Information:...

Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 51 views

Apache Jackrabbit XXE

XXE via WebDAV request...

CVSS: 6.4, AI score: 3.5, EPSS: 0.31034
Exploits: 6, References: 1, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 672 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 10, AI score: 1.6, EPSS: 0.76192
Exploits: 44, References: 29, Affected Software: 18

securityvulns
added 2015/06/08 12:0 a.m., 79 views

AnimaGallery 2.6 (theme and lang cookie parameter) Local File Include Vulnerability

Exploit Title: AnimaGallery 2.6 theme and lang cookie parameter Local File Include Vulnerability Date: 2015/06/07 Vendor Homepage: http://dg.no.sapo.pt/ Software Link:http://dg.no.sapo.pt/AnimaGallery2.6.zip Version: 2.6 Tested on: Centos 6.5,php 5.3.2,magicquotesgpc=off Category: webapps...

AI score: 0.3
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 96 views

Local PHP File Inclusion in ResourceSpace

Advisory ID: HTB23258 Product: ResourceSpace Vendor: Montala Limited Vulnerable Versions: 7.1.6513 and probably prior Tested Version: 7.1.6513 Advisory Publication: May 6, 2015 without technical details Vendor Notification: May 6, 2015 Vendor Patch: June 1, 2015 Public Disclosure: June 3, 2015...

CVSS: 7.5, AI score: 6.5, EPSS: 0.51684
Exploits: 3

securityvulns
added 2015/06/08 12:0 a.m., 51 views

[SECURITY] [DSA 3249-2] jqueryui security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3249-2 [email protected] http://www.debian.org/security/ Sebastien Delafond June 02, 2015 http://www.debian.org/security/faq -...

AI score: 1.1
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 70 views

[USN-2627-1] t1utils vulnerability

========================================================================== Ubuntu Security Notice USN-2627-1 June 03, 2015 t1utils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVSS: 7.5, AI score: 0.8, EPSS: 0.04715
Exploits: 1

securityvulns
added 2015/06/08 12:0 a.m., 28 views

CA Common Services privilege escalation

Multiple privilege escalation vulnerabilities...

CVSS: 4.6, AI score: 3, EPSS: 0.00194
Exploits: 0, References: 1, Affected Software: 5

securityvulns
added 2015/06/08 12:0 a.m., 97 views

Freebox OS Web interface 3.0.2 XSS, CSRF

Hello list, Here are two CVEs I reported to Freebox, a french ISP: - CVE-2014-9382 - CSRF in VPN user account creation - CVE-2014-9405 - XSS Vulnerable product: Freebox OS Web interface 3.0.2. CVE-2014-9382 - CSRF in Freebox OS Web interface 3.0.2 allowing VPN user account creation...

AI score: 5.6, EPSS: 0.00579
Exploits: 3

securityvulns
added 2015/06/08 12:0 a.m., 92 views

[SECURITY] [DSA 3276-1] symfony security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3276-1 [email protected] http://www.debian.org/security/ David Prevot May 31, 2015 http://www.debian.org/security/faq -...

CVSS: 4.3, AI score: 1.3, EPSS: 0.76192
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 80 views

[SECURITY] [DSA 3277-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3277-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 02, 2015 http://www.debian.org/security/faq -...

CVSS: 7.8, AI score: 1.5, EPSS: 0.00783
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 36 views

StrongSwan certificate spoofing

Server's certificate is validated after credentials are sent...

CVSS: 2.6, AI score: 2.2, EPSS: 0.01012
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 43 views

[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability

Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio...

CVSS: 5, AI score: 6.4, EPSS: 0.14481
Exploits: 6

securityvulns
added 2015/06/08 12:0 a.m., 41 views

[USN-2618-1] python-dbusmock vulnerability

========================================================================== Ubuntu Security Notice USN-2618-1 May 21, 2015 python-dbusmock vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

AI score: 0.6, EPSS: 0.00113
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 42 views

[CVE-2015-4108] Wing FTP Server Cross-site Request Forgery vulnerabilities

Exploit Title: Wing FTP Server Cross-site Request Forgery vulnerabilities Product: Wing FTP Server Vulnerable Versions: 4.4.6 and all previous versions Tested Version: 4.4.6 Advisory Publication: 05/06/2015 Latest Update: 05/06/2015 Vulnerability Type: Cross-site Request Forgery CWE-352 CVE...

CVSS: 6.5, AI score: 6.2, EPSS: 0.0251
Exploits: 7

securityvulns
added 2015/06/08 12:0 a.m., 56 views

CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS]

Exploit Title: CVE-2015-4039 - WordPress WP Membership plugin Stored XSS Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE: CVE-2015-4039...

AI score: 5.2, EPSS: 0.00254
Exploits: 2

securityvulns
added 2015/06/08 12:0 a.m., 35 views

Apache mod_jk information disclosure

No description provided...

CVSS: 5, AI score: 1.1, EPSS: 0.03739
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 78 views

IBM Watson (Cognea) - XSS and Redirect Vulnerabilities

Vulnerability type: Cross-site Scripting & Redirect Vendor: www.ibm.com Product: IBM Watson Cloud Computing SaaS Cognea Product Link: http://www.ibm.com/smarterplanet/us/en/ibmwatson/ Credit: Jerold Hoong The logout.jsp page function of the IBM Watson Cognea SaaS application is vulnerable to...

Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 127 views

DbNinja 3.2.6 Flash XSS Vulnerabilities

Exploit Title: DbNinja Flash XSS Exploit Google Dork: intitle: Flash XSS Date: May 27, 2015 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.dbninja.com Software Link: www.dbninja.com Version: 3.2.6 Tested on: Windows 7 Category: Flash XSS CVE : NA Source...

AI score: 6.4
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 50 views

1 Click Audio Converter v2.3.6 - Activex Buffer Overflow

Document Title: =============== 1 Click Audio Converter v2.3.6 - Activex Buffer Overflow References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1504 http://www.vulnerability-lab.com/getcontent.php?id=1505 View Video: https://www.youtube.com/watch?v=Ad0wHlHz0KU...

AI score: 7.6
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 37 views

EMC RSA Web Threat Detection CSRF

No description provided...

CVSS: 6.8, AI score: 2.6, EPSS: 0.00134
Exploits: 0, References: 1, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 55 views

JSPMyAdmin SQL Injection, CSRF & XSS Vulnerabilities

Credits: John Page hyp3rlinx Domains: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/AS-JSPMYADMIN0529.txt Vendor: code.google.com/p/jsp-myadmin Product: JSPAdmin 1.1 is a Java web based MySQL database management system. Advisory Information:...

AI score: 0.2
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 28 views

1 Click ActiveX buffer overflow

SkinCrafter.dll buffer overflow...

AI score: 4.3
Exploits: 0, References: 2, Affected Software: 2

securityvulns
added 2015/06/08 12:0 a.m., 33 views

CA20150604-01: Security Notice for CA Common Services

-----BEGIN PGP SIGNED MESSAGE----- CA20150604-01: Security Notice for CA Common Services Issued: June 4, 2015 CA Technologies Support is alerting customers to multiple potential risks with products that bundle CA Common Services on Unix/Linux platforms. A local attacker may exploit these...

CVSS: 4.6, AI score: 0.4, EPSS: 0.00194
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 22 views

redis restrictions bypass

Lua sandbox escaping...

AI score: 2.5
Exploits: 0, References: 1

securityvulns
added 2015/06/08 12:0 a.m., 54 views

CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin [Local File Inclusion]

Exploit Title: CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin Local File Inclusion Date: 2015/06/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://zanematthew.com/ Software Link:...

CVSS: 5, EPSS: 0.4589
Exploits: 5

securityvulns
added 2015/06/08 12:0 a.m., 51 views

CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation]

Exploit Title: CVE-2015-4038 - WordPress WP Membership plugin Privilege escalation Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE:...

CVSS: 6.5, AI score: 0.4, EPSS: 0.11974
Exploits: 3

securityvulns
added 2015/06/08 12:0 a.m., 267 views

[CVE-2015-4107] Wing FTP Server Remote Code Execution vulnerability

Exploit Title: Wing FTP Server Remote Code Execution vulnerability Product: Wing FTP Server Vulnerable Versions: 4.4.6 and all previous versions Tested Version: 4.4.6 Advisory Publication: 05/06/2015 Latest Update: 05/06/2015 Vulnerability Type: Improper Control of Generation of Code CWE-94 CVE...

AI score: 7.3
Exploits: 1

securityvulns
added 2015/06/08 12:0 a.m., 65 views

[SECURITY] [DSA 3282-1] strongswan security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3282-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez June 08, 2015 http://www.debian.org/security/faq -...

CVSS: 2.6, AI score: 1.4, EPSS: 0.01012
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 84 views

[SECURITY] [DSA 3278-1] libapache-mod-jk security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3278-1 [email protected] http://www.debian.org/security/ Markus Koschany June 03, 2015 http://www.debian.org/security/faq -...

CVSS: 5, AI score: 1.8, EPSS: 0.03739
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 45 views

CVE-2015-4109 - WordPress Users Ultra Plugin [SQL injection]

Exploit Title: CVE-2015-4109 - WordPress Users Ultra Plugin SQL injection Date: 2015/05/30 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://usersultra.com Software Link: https://wordpress.org/plugins/users-ultra/ Version: 1.5.15 Tested on: WordPre...

CVSS: 7.5, AI score: 1.5, EPSS: 0.0088
Exploits: 2

securityvulns
added 2015/06/08 12:0 a.m., 41 views

ESA-2015-091: RSA® Web Threat Detection Cross-Site Request Forgery Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-091: RSA® Web Threat Detection Cross-Site Request Forgery Vulnerability EMC Identifier: ESA-2015-091 CVE Identifier: CVE-2015-0541 Severity Rating: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Products: · RSA Web Threat Detection versions prior to...

CVSS: 6.8, AI score: 0.2, EPSS: 0.00134
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 53 views

[security bulletin] HPSBGN03343 rev.1 - HP WebInspect, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04695307 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04695307 Version: 1 HPSBGN03343 rev....

CVSS: 4, AI score: 0.5, EPSS: 0.31032
Exploits: 4

securityvulns
added 2015/06/08 12:0 a.m., 33 views

Sendio ESP information disclosure

Session disclosure via Referer...

CVSS: 5, AI score: 1.8, EPSS: 0.14481
Exploits: 6, References: 1, Affected Software: 1

securityvulns
added 2015/06/08 12:0 a.m., 28 views

dbusmock code execution

No description provided...

AI score: 2.1, EPSS: 0.00113
Exploits: 0, References: 1

securityvulns
added 2015/06/08 12:0 a.m., 40 views

1 Click Extract Audio v2.3.6 - Activex Buffer Overflow

Document Title: =============== 1 Click Extract Audio v2.3.6 - Activex Buffer Overflow References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1506 Video: http://www.vulnerability-lab.com/getcontent.php?id=1507 Release Date: ============= 2015-06-05 Vulnerabilit...

AI score: 7.6
Exploits: 0

securityvulns
added 2015/06/08 12:0 a.m., 31 views

t1utils memory corruption

Memory corruption on fonts manipulation...

CVSS: 7.5, AI score: 1.8, EPSS: 0.04715
Exploits: 1, References: 1, Affected Software: 1

Total number of security vulnerabilities: 47153