securityvulns: recent entries

47153 matches found

securityvulns, added 2014/05/04

Cross-Site Scripting (XSS) in Open Classifieds

Advisory ID: HTB23204 Product: Open Classifieds Vendor: Open Classifieds Team Vulnerable Versions: 2-2.1.2 and probably prior Tested Version: 2-2.1.2 Advisory Publication: February 19, 2014 without technical details Vendor Notification: February 19, 2014 Vendor Patch: February 20, 2014 Public...

CVSS 4.3 | AI score 6.3 | EPSS 0.00374 | Exploits: 4

securityvulns, added 2014/05/04

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7

Stored Cross Site Scripting in Ektron CMS 8.7. CVE reference: CVE-2014-2729. Affected platforms: Ektron Web Content Management System. Version: 8.7.0. Date: 2013-December-19. Security risk: Medium. CVSS: AV:N/AC:L/Au:S/C:P/I:P/A:N. Researcher: Joseph Zeng...

CVSS 3.5 | EPSS 0.00179 | Exploits: 3

securityvulns, added 2014/05/04

CS and XSS vulnerabilities in CU3ER

Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in CU3ER, which I found in October 2013 at one web site. This is a popular flash file, and in Google's index there are up to a million web sites with it: near 1,060,000 sites in October, now near 717,000 sites. In recent years...

AI score 5.9 | Exploits: 0

securityvulns, added 2014/05/04

[USN-2172-1] CUPS vulnerability

Ubuntu Security Notice USN-2172-1, April 24, 2014: cups vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVSS 4.3 | AI score 0.4 | EPSS 0.01035 | Exploits: 0

securityvulns, added 2014/05/04

file utility / libmagic / PHP DoS

Infinite recursion while detecting some file types, buffer over-read, CPU exhaustion...

CVSS 5 | AI score 2.6 | EPSS 0.30772 | Exploits: 2 | References: 3 | Affected software: 1

securityvulns, added 2014/05/04

Cross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin

Advisory ID: HTB23206 Product: XCloner Wordpress plugin Vendor: XCloner Vulnerable Versions: 3.1.0 and probably prior Tested Version: 3.1.0 Advisory Publication: March 12, 2014 without technical details Vendor Notification: March 12, 2014 Vendor Patch: March 13, 2014 Public Disclosure: April 2,...

CVSS 6.8 | AI score 7.3 | EPSS 0.01436 | Exploits: 5

securityvulns, added 2014/05/04

Remote Command Injection in Ruby Gem sfpagent 0.4.14

Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14. Date: 4/15/2014. Author: Larry W. Cashdollar, @larry0. CVE: 2014-2888. Download: http://rubygems.org/gems/sfpagent. Vulnerability: The list variable generated from the user-supplied JSON body input is passed directly to the system shell on lin...

AI score 8.1 | Exploits: 0

securityvulns, added 2014/05/04

[USN-2171-1] rsync vulnerability

Ubuntu Security Notice USN-2171-1, April 23, 2014: rsync vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

CVSS 7.8 | AI score 1 | EPSS 0.17189 | Exploits: 1

securityvulns, added 2014/05/04

rsync DoS

Resource exhaustion...

CVSS 7.8 | AI score 2.3 | EPSS 0.17189 | Exploits: 1 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

[USN-2182-1] QEMU vulnerabilities

Ubuntu Security Notice USN-2182-1, April 28, 2014: qemu, qemu-kvm vulnerabilities. A security issue affects these releases of Ubuntu and its...

CVSS 7.2 | AI score 0.6 | EPSS 0.00472 | Exploits: 2

securityvulns, added 2014/05/04

SQL Injection in Orbit Open Ad Server

Advisory ID: HTB23208 Product: Orbit Open Ad Server Vendor: OrbitScripts, LLC Vulnerable Versions: 1.1.0 and probably prior Tested Version: 1.1.0 Advisory Publication: March 19, 2014 without technical details Vendor Notification: March 19, 2014 Vendor Patch: March 21, 2014 Public Disclosure: Apri...

CVSS 7.5 | AI score 0.3 | EPSS 0.00926 | Exploits: 5

securityvulns, added 2014/05/04

Multiple Vulnerabilities in OpenDocMan

Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...

CVSS 7.5 | AI score 0.1 | EPSS 0.00787 | Exploits: 8

securityvulns, added 2014/05/04

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

Document Title: AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1258. Release Date: 2014-04-22. Vulnerability Laboratory ID (VL-ID): ...

AI score 0.2 | Exploits: 0

securityvulns, added 2014/05/04

[USN-2166-1] Net-SNMP vulnerabilities

Ubuntu Security Notice USN-2166-1, April 14, 2014: net-snmp vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 5 | AI score 0.8 | EPSS 0.27425 | Exploits: 1

securityvulns, added 2014/05/04

APPLE-SA-2014-04-22-3 Apple TV 6.1.1

APPLE-SA-2014-04-22-3 Apple TV 6.1.1. Apple TV 6.1.1 is now available and addresses the following: Apple TV. Available for: Apple TV 2nd generation and later. Impact: An attacker in a privileged network position can obtain web site credentials. Descriptio...

CVSS 10 | AI score 0.2 | EPSS 0.44818 | Exploits: 14

securityvulns, added 2014/05/04

SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances

SEC Consult Vulnerability Lab Security Advisory 20140423-0. Title: Path Traversal/Remote Code Execution. Product: WD Arkeia Virtual Appliance AVA. Vulnerable version: All Arkeia Network Backup releases ASA/APA/AVA since 7.0.3...

CVSS 7.5 | AI score 1.2 | EPSS 0.05059 | Exploits: 6

securityvulns, added 2014/05/04

Multiple vulnerabilities in Joomla-Base

Hello 3APA3A! These are Denial of Service, XML Injection, Cross-Site Scripting, Full path disclosure and Insufficient Anti-automation vulnerabilities in Joomla-Base. This is a package of Joomla with different plugins, with their vulnerabilities. These vulnerabilities are in the Google Maps plugin for...

AI score 1.4 | Exploits: 0

securityvulns, added 2014/05/04

FreeBSD Security Advisory FreeBSD-SA-14:05.nfsserver

FreeBSD-SA-14:05.nfsserver Security Advisory, The FreeBSD Project. Topic: Deadlock in the NFS server. Category: core. Module: nfsserver. Announced: 2014-04-08. Credits: Rick...

CVSS 4 | AI score 5.9 | EPSS 0.01178 | Exploits: 1

securityvulns, added 2014/05/04

Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities

Document Title: Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1259. Release Date: 2014-04-23. Vulnerability Laboratory ID (VL-ID): 1259...

AI score 0.1 | Exploits: 0

securityvulns, added 2014/05/04

[SECURITY] [DSA 2914-1] drupal6 security update

Debian Security Advisory DSA-2914-1, [email protected], http://www.debian.org/security/. Salvatore Bonaccorso, April 25, 2014. http://www.debian.org/security/faq...

CVSS 4.3 | AI score 0.5 | EPSS 0.00434 | Exploits: 0

securityvulns, added 2014/05/04

Cross-Site Scripting (XSS) in CMSimple

Advisory ID: HTB23205 Product: CMSimple Vendor: Preben Bjorn Biermann Madsen Vulnerable Versions: 3.54 and probably prior Tested Version: 3.54 Advisory Publication: February 26, 2014 without technical details Vendor Notification: February 26, 2014 Vendor Patch: February 26, 2014 Public Disclosure...

CVSS 4.3 | AI score 6.5 | EPSS 0.00254 | Exploits: 3

securityvulns, added 2014/05/04

WD Arkeia Network Backup security vulnerabilities

Code execution, directory traversal...

CVSS 7.5 | AI score 5.6 | EPSS 0.05059 | Exploits: 6 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

[CVE-2014-2715] Cross-site scripting (XSS) vulnerability in Videowhisper

Vulnerability title: Cross-site scripting (XSS) vulnerability in Videowhisper. CVE: CVE-2014-2715. Vendor: VideoWhisper. Product: Videowhisper module for Drupal 7. Affected version: 7. Fixed version: (none given). Reported by: Mahmoud Ghorbanzadeh. Details: Hello, I found a cross-site scripting (XSS) vulnerability in the...

CVSS 4.3 | AI score 2.9 | EPSS 0.00443 | Exploits: 1

securityvulns, added 2014/05/04

Apple iOS multiple security vulnerabilities

Unsafe cookie handling, protection bypass, information leakage, multiple WebKit vulnerabilities...

CVSS 10 | AI score 1.5 | EPSS 0.44818 | Exploits: 14 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

Syhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability

Syhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability. Advisory-ID: 201404301. Discovery Date: 03.27.2014. Release Date: 04.30.2014. Affected Applications: CGILua 5.0.x, CGILua 5.1.x, CGILua 5.2 alpha 1 and CGILua 5.2 alpha 2. Class: Predictable Session ID. Status: Unpatched/Vendor...

AI score 6.2 | EPSS 0.00573 | Exploits: 0

securityvulns, added 2014/05/04

HP iLO DoS

Device crashes on a Heartbleed exploitation demonstration request...

CVSS 7.8 | AI score 1.8 | EPSS 0.94464 | Exploits: 86 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

[USN-2168-1] Python Imaging Library vulnerabilities

Ubuntu Security Notice USN-2168-1, April 15, 2014: python-imaging vulnerabilities. A security issue affects these releases of Ubuntu and its...

CVSS 4.4 | AI score 0.5 | EPSS 0.00111 | Exploits: 2

securityvulns, added 2014/05/04

Buggy insecure "security" software executes rogue binary during installation and uninstallation

Hi @ll, the $&§ware by the name of "McAfee Security Scanner Plus" that Adobe dares to push to unsuspecting users of Microsoft Windows trying to get Flash Player from their main distribution page hxxp://get.adobe.com/flashplayer/ was developed, packaged and tested by people who obviously never hea...

AI score 0.2 | Exploits: 0

securityvulns, added 2014/05/04

[SECURITY] CVE-2014-0111 Apache Syncope

CVE-2014-0111: Remote code execution by an authenticated administrator. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: Syncope 1.0.0 to 1.0.8, Syncope 1.1.0 to 1.1.6. Description: In the various places in which Apache Commo...

CVSS 6.5 | AI score 1.5 | EPSS 0.01419 | Exploits: 1

securityvulns, added 2014/05/04

Sitecom routers predictable WPA key

Default WPA key can be computed from the device MAC address...

AI score 4 | Exploits: 0 | References: 1

securityvulns, added 2014/05/04

Multiple vulnerabilities in Flexolio for WordPress

Hello 3APA3A! There are Content Spoofing, Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service and Arbitrary File Upload vulnerabilities in Flexolio for WordPress, which contains TimThumb and CU3ER. In April 2011 I wrote about vulnerabilities in TimThumb...

AI score 7 | Exploits: 0

securityvulns, added 2014/05/04

Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2

Product description: KnowledgeTree is a document management system that makes it easy to secure, share, track and manage documents and records. KnowledgeTree Blind SQL Injection, CVE-2014-2737. The application is vulnerable to blind SQL injection, which is...

CVSS 7.5 | AI score 7.5 | EPSS 0.00289 | Exploits: 1

securityvulns, added 2014/05/04

CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server

Vulnerability title: Denial of Service in PCNetSoftware RAC Server. CVE: CVE-2014-2597. Vendor: PCNetSoftware. Product: RAC Server. Affected version: 4.0.4, 4.0.5. Fixed version: N/A. Reported by: Kyriakos Economou. Details: Latest and possibly earlier versions of RAC Server software are vulnerable to...

CVSS 4.9 | AI score 0.7 | EPSS 0.00184 | Exploits: 1

securityvulns, added 2014/05/04

Net-SNMP multiple security vulnerabilities

Multiple DoS conditions...

CVSS 5 | AI score 1.8 | EPSS 0.27425 | Exploits: 1 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

EMC Cloud Tiering Appliance information leakage

XML External Entity (XXE) information leakage...

CVSS 7.8 | AI score 2 | EPSS 0.74022 | Exploits: 3 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

Apple TV multiple security vulnerabilities

Unsafe cookie handling, protection bypass, information leakage, multiple WebKit vulnerabilities...

CVSS 10 | AI score 1.5 | EPSS 0.44818 | Exploits: 14 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update

Debian Security Advisory DSA-2888-1, [email protected], http://www.debian.org/security/. Moritz Muehlenhoff, March 27, 2014. http://www.debian.org/security/faq...

CVSS 6.4 | AI score 1.6 | EPSS 0.70843 | Exploits: 3

securityvulns, added 2014/05/04

Multiple vulnerabilities in JoomLeague for Joomla

Hello 3APA3A! These are Denial of Service, XML Injection, Cross-Site Scripting, Full path disclosure and Insufficient Anti-automation vulnerabilities in the JoomLeague plugin for Joomla. These vulnerabilities are in the Google Maps plugin for Joomla, which is used in this plugin. In 2013-2014 I wrote...

AI score 1 | Exploits: 0

securityvulns, added 2014/05/04

PDF Album v1.7 iOS - File Include Web Vulnerability

Document Title: PDF Album v1.7 iOS - File Include Web Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1255. Release Date: 2014-04-11. Vulnerability Laboratory ID (VL-ID): 1255...

AI score 7.4 | Exploits: 0

securityvulns, added 2014/05/04

CVE-2014-2735 - WinSCP: missing X.509 validation

Advisory ID: SYSS-2014-003. Product: WinSCP. Affected Versions: 5.5.2.4130. Tested Versions: 5.5.2.4130 on Windows 7 32 bit and Windows 8.1 64 bit. Vulnerability Type: Missing X.509 validation. Risk Level: Medium. Solution Status: Fixed. Vendor Notification:...

CVSS 5.8 | AI score 7.2 | EPSS 0.00152 | Exploits: 0

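The WinSCP entry above classifies the bug only as "missing X.509 validation"; the advisory excerpt gives no further detail. As an added illustration (not WinSCP's code and not taken from the advisory), the Ruby block below shows what a client actually has to check before trusting a presented certificate, using Ruby's OpenSSL bindings: chain to a trusted root and validity period (OpenSSL::X509::Store#verify) plus a host-name match against the certificate (OpenSSL::SSL.verify_certificate_identity). The CA, server, rogue and expired certificates are all minted in memory, and the host name ftp.example.test is made up.

```ruby
require 'openssl'

# Added example, not WinSCP's code. All certificates below are constructed in
# memory; the host name ftp.example.test is made up.

# Build a certificate. With no issuer it is self-signed (a root, or a rogue cert).
def make_cert(subject:, key:, serial:, issuer: nil, issuer_key: nil, ca: false,
              san: nil, not_after: Time.now + 3600)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2                       # X.509 v3, required for extensions
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = not_after
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer || cert
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.add_extension(ef.create_extension("subjectAltName", san, false)) if san
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  cert
end

# The checks a client must perform before trusting a presented certificate:
# 1. it chains to a root the client already trusts and is within its validity period,
# 2. the name in it matches the host the client meant to reach.
# Skip either and an on-path attacker can present a certificate of their own.
def validate_server_cert(cert, trusted_roots:, hostname:)
  store = OpenSSL::X509::Store.new
  trusted_roots.each { |root| store.add_cert(root) }
  return [false, "chain: #{store.error_string}"] unless store.verify(cert)
  return [false, "hostname mismatch"] unless OpenSSL::SSL.verify_certificate_identity(cert, hostname)
  [true, "ok"]
end

# What "missing X.509 validation" amounts to: every certificate is accepted.
def accept_anything(_cert, trusted_roots:, hostname:)
  [true, "not checked"]
end

CA_KEY  = OpenSSL::PKey::RSA.new(2048)
CA_CERT = make_cert(subject: "/CN=Example Test Root CA", key: CA_KEY, serial: 1, ca: true)

SRV_KEY  = OpenSSL::PKey::RSA.new(2048)
SRV_CERT = make_cert(subject: "/CN=ftp.example.test", key: SRV_KEY, serial: 2,
                     issuer: CA_CERT, issuer_key: CA_KEY, san: "DNS:ftp.example.test")

# Self-signed with the same name: anyone on the path can mint one of these.
ROGUE_KEY  = OpenSSL::PKey::RSA.new(2048)
ROGUE_CERT = make_cert(subject: "/CN=ftp.example.test", key: ROGUE_KEY, serial: 3,
                       san: "DNS:ftp.example.test")

# Issued by the trusted CA, but already expired.
EXPIRED_CERT = make_cert(subject: "/CN=ftp.example.test", key: SRV_KEY, serial: 4,
                         issuer: CA_CERT, issuer_key: CA_KEY, san: "DNS:ftp.example.test",
                         not_after: Time.now - 1)

if __FILE__ == $0
  [[SRV_CERT, "ftp.example.test"], [ROGUE_CERT, "ftp.example.test"],
   [SRV_CERT, "mail.example.test"], [EXPIRED_CERT, "ftp.example.test"]].each do |cert, host|
    p validate_server_cert(cert, trusted_roots: [CA_CERT], hostname: host)
  end
end
```

Only the first of the four cases should come back [true, "ok"]; the rogue and expired certificates fail the chain check and the wrong host name fails the identity check, while accept_anything takes all of them. In a real client the trusted roots come from the platform store rather than a constructed CA, and the same two checks apply whether the transport is FTPS, WebDAV over TLS or anything else that hands the client a certificate.
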
securityvulns, added 2014/05/04

Adobe Reader for Android exposes insecure Javascript interfaces

Adobe Reader for Android exposes insecure Javascript interfaces. Yorick Koster, April 2014...

AI score 0.4 | Exploits: 0

securityvulns, added 2014/05/04

XSS and FPD vulnerabilities in Js-Multi-Hotel for WordPress

Hello 3APA3A! These are vulnerabilities in the Js-Multi-Hotel plugin for WordPress. Affected products: Vulnerable are Js-Multi-Hotel 2.2.1 and previous versions. Affected vendors: Joomlaskin...

AI score 0.4 | Exploits: 0

securityvulns, added 2014/05/04

[SECURITY] [DSA 2916-1] libmms security update

Debian Security Advisory DSA-2916-1, [email protected], http://www.debian.org/security/. Moritz Muehlenhoff, April 28, 2014. http://www.debian.org/security/faq...

CVSS 7.5 | AI score 1.8 | EPSS 0.05098 | Exploits: 1

securityvulns, added 2014/05/04

Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem

Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem. Author: Larry W. Cashdollar, @larry0. Download Site: http://rubygems.org/gems/Arabic-Prawn. CVE: 2014-2322. Date: 12/17/2013. In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...

AI score 7.5 | Exploits: 0

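Both the sfpagent entry above and this Arabic-Prawn entry describe the same defect: a string under the caller's control is interpolated into a command that Ruby hands to the system shell. The block below is an added example, not code from either gem or either advisory. It uses a hypothetical agent handler that reads a "list" of names out of a JSON body (the shape sfpagent's description mentions) so the pattern can be run end to end: the vulnerable interpolation, the fixed argv-style invocation, and a small metacharacter check for input that is about to reach a shell anyway. The function names and the two JSON samples are constructed.

```ruby
require 'json'
require 'open3'

# Added example, not code from sfpagent or Arabic-Prawn. A hypothetical agent
# endpoint takes a JSON body, reads a "list" of names from it and runs a command
# over them; the JSON samples at the bottom are constructed.

# Vulnerable: the names are interpolated into a command string that Ruby passes
# to /bin/sh, so ';', '|', '$(...)' and friends inside the JSON become commands.
def vulnerable_run(json_body)
  names = JSON.parse(json_body)["list"]
  `echo #{names.join(' ')}`.strip
end

# Fixed: validate the shape of the input, then pass each name as its own argv
# element. No shell is involved, so metacharacters stay literal data.
def safe_run(json_body)
  names = JSON.parse(json_body)["list"]
  unless names.is_a?(Array) && !names.empty? && names.all? { |n| n.is_a?(String) }
    raise ArgumentError, "list must be a non-empty array of strings"
  end
  out, status = Open3.capture2("echo", *names)
  raise "echo failed: #{status}" unless status.success?
  out.strip
end

# Detection helper for input that will reach a shell regardless: flags the
# characters /bin/sh treats specially.
SHELL_META = /[;&|`$()<>\n\\'"*?]/
def shell_meta?(value)
  value.to_s.match?(SHELL_META)
end

BENIGN  = '{"list": ["alpha", "beta"]}'
HOSTILE = '{"list": ["alpha; echo INJECTED"]}'

if __FILE__ == $0
  puts vulnerable_run(HOSTILE)  # prints alpha, then INJECTED: the second command ran
  puts safe_run(HOSTILE)        # prints the whole string as one literal argument
end
```

The argv form (Open3.capture2, Process.spawn or system with more than one argument) is the fix to reach for; Shellwords.escape is the fallback only when a shell really is required, and even then the shape check on the decoded JSON should stay, since the advisories' inputs arrive from the network with no type guarantee.
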
securityvulns, added 2014/05/04

[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution

CVE-2013-2251: Apache Archiva Remote Command Execution. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: - Archiva 1.3 to Continuum 1.3.6 - The unsupported versions Archiva 1.2 to 1.2.2 are also affected. Description: Apache Archiva is affected by a vulnerability in th...

CVSS 9.3 | AI score 2 | EPSS 0.94325 | Exploits: 18

securityvulns, added 2014/05/04

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 10 | AI score 1.6 | EPSS 0.94325 | Exploits: 93 | References: 37 | Affected software: 24

securityvulns, added 2014/05/04

Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12

Summary: Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: The login form had no CSRF protection, meaning that an attacker could force the victim to log in using the attacker's credential...

CVSS 4 | AI score 6.4 | EPSS 0.00394 | Exploits: 0

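The Bugzilla entry above describes login CSRF: with no token on the login form, a page the attacker controls can submit the attacker's own credentials from the victim's browser, leaving the victim silently logged into the attacker's account (and any data the victim then enters lands there). The block below is an added example, not Bugzilla's code: a minimal login handler that binds a one-shot token to the pre-login session and refuses any submission that does not carry it, next to the unprotected variant. The user store, session hash and handler names are constructed stand-ins for a real framework's.

```ruby
require 'securerandom'

# Added example, not Bugzilla's code. USERS, the session hash and the handler
# names stand in for a real application's; there is no real HTTP here.

# Constant-time comparison so a token check does not leak via timing.
def secure_equal?(a, b)
  return false unless a.is_a?(String) && b.is_a?(String) && a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Constructed credential store (a real one holds password hashes).
USERS = { "victim" => "victim-pw", "attacker" => "attacker-pw" }.freeze

# GET /login: mint a token for this *pre-login* session and embed it in the form.
# The browser only sends this session cookie, and therefore this token, with a
# form that was rendered in the same session.
def render_login_form(session)
  session[:login_token] ||= SecureRandom.hex(32)
  { form_token: session[:login_token] }
end

# POST /login: check the token before even looking at the credentials; a
# cross-site POST has no way to learn the victim session's token.
def handle_login(session, params)
  expected = session[:login_token]
  return :rejected_csrf unless expected && secure_equal?(expected, params[:token])
  session.delete(:login_token)   # one-shot token
  return :bad_credentials unless USERS[params[:user]] == params[:password]
  session[:user] = params[:user]
  :logged_in
end

# The unprotected variant the advisory describes: any POST with valid
# credentials, from any origin, logs the browser in.
def handle_login_unprotected(session, params)
  return :bad_credentials unless USERS[params[:user]] == params[:password]
  session[:user] = params[:user]
  :logged_in
end

if __FILE__ == $0
  # Cross-site POST: attacker's page submits attacker's credentials from the victim's browser.
  forged = { user: "attacker", password: "attacker-pw" }
  session = {}
  p [handle_login_unprotected(session, forged), session[:user]]  # [:logged_in, "attacker"]
  session = {}
  p handle_login(session, forged)                                # :rejected_csrf
end
```

Two points a practitioner would check beyond the token itself: the pre-login session cookie must not be settable by the attacker (otherwise a fixation attack supplies both the cookie and a matching token), and the token should be rotated, as here, once the login completes so the session that existed before authentication does not carry forward unchanged.
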
securityvulns, added 2014/05/04

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities. EMC Identifier: ESA-2014-028. CVE Identifier: CVE-2014-0644, CVE-2014-0645. Severity Rating: CVSS v2 Base Score: See below for...

CVSS 7.8 | AI score 2 | EPSS 0.74022 | Exploits: 3

securityvulns, added 2014/05/04

libmms buffer overflow

Buffer overflow in get_answer() during MMS-over-HTTP processing...

CVSS 7.5 | AI score 2.2 | EPSS 0.05098 | Exploits: 1 | References: 1 | Affected software: 1

securityvulns, added 2014/05/04

CS, XSS and FPD vulnerabilities in multiple plugins with CU3ER for WordPress

Hello 3APA3A! Recently I disclosed vulnerabilities in CU3ER http://seclists.org/fulldisclosure/2014/Apr/244 and vulnerabilities in plugins with CU3ER for WordPress, Joomla, SilverStripe and Plone http://seclists.org/fulldisclosure/2014/Apr/251. This is a popular flash file, and in Google's index the...

AI score 6.6 | Exploits: 0

Total number of security vulnerabilities: 47153