47153 matches found
CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework
Severity: Important Vendor: Spring by Pivotal Versions Affected: - 3.0.0 to 3.2.3 Spring OXM & Spring MVC - 4.0.0.M1 Spring OXM - 4.0.0.M1-4.0.0.M2 Spring MVC - Earlier unsupported versions may also be affected Description: The Spring OXM wrapper did not expose any property for disabling entity...
ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities
ESA-2013-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-057: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-057 CVE Identifier: CVE-2013-3276, CVE-2013-3277 Severity Rating: CVSS v2 Base Score: See below for individual scores Affected Products: RSA Archer versio...
Trustport Webfilter Remote File Access Vulnerability
Trustport Webfilter Remote File Access Vulnerability ==================================================== Affected Product ---------------- Product Name: Trustport Webfilter Product Version: 5.5.0.2232 Platform: Microsoft Windows Product/Company Information --------------------------- From...
[ MDVSA-2013:203 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:203 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : July 30, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discover...
Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities
The Wordpress videowhisper-live-streaming-integration Plugin suffers from a Cross-Site Scripting vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities Author : Iranian Exploit...
Struts2 Prefixed Parameters Open Redirect Vulnerability
CVE Number: CVE-2013-2248 Title: Struts2 Prefixed Parameters Open Redirect Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-017...
Struts2 Prefixed Parameters OGNL Injection Vulnerability
CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-016...
[SECURITY] [DSA 2750-1] imagemagick security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2750-1 [email protected] http://www.debian.org/security/ Florian Weimer September 03, 2013 http://www.debian.org/security/faq -...
imagemagic buffer overflow
Buffer overflow on GIF parsing...
VUPEN Security Research - Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass (Pwn2Own 2013 / MS13-063)
Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass Pwn2Own 2013 / MS13-063 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Windows is a series of software operating systems and graphical user interfaces produced by Microsoft...
Drupal Node View Permissions module and Flag module Vulnerabilities
The drupal security team has released the following security advisories. https://drupal.org/node/2076315 https://drupal.org/node/2076221 Regards, Daniel http://www.itsecuritycenter.com/...
NGS00500 Technical Advisory: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE
======= Summary ======= Name: Bit51 Better WP Security Plugin - Unauthenticated Stored XSS to RCE Release Date: 30 July 2013 Reference: NGS00500 Discoverer: Richard Warren [email protected] Vendor: Bit51 Vendor Reference: Systems Affected: Bit51 Better WP Security Plugin Version...
libdigidoc unauthorized access
It's possible to overwrite any file...
SilverStripe(R) Information Exposure Through Query Strings in GET Request (CWE-598)
SilverStripeR Information Exposure Through Query Strings in GET Request CWE-598 - CVE: CVE-2013-2653 - CWE: CWE-598 - Deloitte Argentina Advisory Code: DTTAR-20130002 - Vendor Status: CONFIRMED - Vendor Disclosure Date: May, 8th, 2013. - Public Disclosure Date: August, 1st, 2013. - Vendors...
APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 AirPort Base Station Firmware Update 7.6.4 is now available and addresses the following: Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with...
Multiple Vulnerabilities in BigTree CMS
Advisory ID: HTB23165 Product: BigTree CMS Vendor: BigTree CMS Vulnerable Versions: 4.0 RC2 and probably prior Tested Version: 4.0 RC2 Vendor Notification: July 17, 2013 Vendor Patch: July 17, 2013 Public Disclosure: August 7, 2013 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting...
Path Traversal in DeWeS Web Server (Twilight CMS)
Advisory ID: HTB23167 Product: DeWeS web server Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 0.4.2 and probably prior Tested Version: 0.4.2 Vendor Notification: July 24, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Path Traversal CWE-22 CVE Reference:...
[ MDVSA-2013:226 ] roundcubemail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:226 http://www.mandriva.com/en/support/security/ Package : roundcubemail Date : September 5, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been...
Sql Injection in "2easy Web Applications"
Hi! I have discovered a sql injection bug in "2easy Web Applications". vendor: http://www.2easy.gr/ bug in: readText.asp?textID= live examples: http://www.mroe.org/en/readText.asp?textID=223 http://www.ananeotiki.gr/el/readText.asp?textID=7078 http://www.vpg.nu/sv/readText.asp?textID=8 and so on...
Apple AitPort DoS
Hang on invalid length packets processing...
XSS and CS vulnerabilities in aCMS
Hello 3APA3A! After previous Cross-Site Scripting, Content Spoofing, Information Leakage, Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS, here are new ones. These are Cross-Site Scripting and Content Spoofing vulnerabilities in aCMS. This is commercial CMS...
CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE
Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...
VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability
========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...
SQL Injection in Cotonti
Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...
[USN-1939-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1939-1 September 06, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
ReviewBoard Vulnerabilities
ReviewBoard www.reviewboard.org aims to 'take the pain out of code review'. Integration with source control makes it imperative to maintain proper protections on this server. I have worked with the developers to resolve multiple XSS conditions and harden web server configurations. The XSS...
Usernoise 3.7.8 WP plugin cross-site scripting vulnerability
Details ============================= Application: Usernoise http://usernoise.karevn.com/ Version: 3.7.8 probably earlier versions as well Type: Wordpress plugin Developer: Nikolay Karev http://karevn.com/ - http://profiles.wordpress.org/karevn/ Vulnerability: Unauthorized persistent cross-site...
Vulnerabilities in multiple web applications with GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I've wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands...
Vulnerabilities in Avaya IP Office Customer Call Reporter
Hello 3APA3A! I want to warn you about vulnerabilities in Avaya IP Office Customer Call Reporter. These are Remote HTML Include and Remote XSS Include Cross-Site Scripting vulnerabilities. After I found multiple vulnerabilities in Avaya IP Office Customer Call Reporter in December, I informed ZDI...
Cross-Site Scripting (XSS) in Twilight CMS
Advisory ID: HTB23166 Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...
CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE
Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...
VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059)
VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free MS13-059 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of th...
[KIS-2013-08] vtiger CRM <= 5.4.0 (SOAP Services) Authentication Bypass Vulnerability
----------------------------------------------------------------------- vtiger CRM = 5.4.0 SOAP Services Authentication Bypass Vulnerability ----------------------------------------------------------------------- - Software Link: http://www.vtiger.com/ - Affected Versions: All versions from 5.1.0...
[SECURITY] [DSA 2751-1] libmodplug security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2751-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 04, 2013 http://www.debian.org/security/faq -...
libmodplug security vulnerabilities
Few code execution possibilities...
Full Disclosure - Multiple vulnerabilities in five Zoom ADSL Modem/Routers
Five models of the Zoom Telephonics ADSL Modem/Router line suffer from multiple critical vulnerabilities, almost all being of a remote access attack vector. Models affected: Zoom X3 ADSL Modem/Router Zoom X4 ADSL Modem/Router Zoom X5 ADSL Modem/Router Zoom ADSL Bridge Modem Model 5715 1...
SQL Injection vulnerability in Soltech.CMS
Hello 3APA3A! There is SQL Injection vulnerability in Soltech.CMS. This is commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are Soltech.CMS v 0.4 and previous versions. ------------------------- Affected vendors: ------------------------- Soltech...
Joomseller "Events Booking Pro" and "JSE Event" reflected XSS
---------------------------------------------------------------------------------------------- Joomseller "Events Booking Pro" and "JSE Event" reflected XSS ---------------------------------------------------------------------------------------------- + Software Link:...
MojoPortal XSS
Class Stored Cross-Site Scripting Remote Yes Credit Michael Savage of Dionach [email protected] Vulnerable MojoPortal 2.3.9.7 MojoPortal is prone to a stored cross-site scripting vulnerability because it does not escape the titles of forum threads when inserting into the page title element. An...
Joomla! VirtueMart component <= 2.0.22a - SQL Injection
------------------------------------------------------------ Joomla! VirtueMart component = 2.0.22a - SQL Injection ------------------------------------------------------------ == Description == - Software link: http://www.virtuemart.net/ - Affected versions: All versions between 2.0.8 and 2.0.22...
Joomla! redSHOP component v1.2 SQL Injection
-------------------------------------------- Joomla! redSHOP component v1.2 SQL Injection -------------------------------------------- == Description == - Product: Joomla! redSHOP component - Product link: http://redcomponent.com/redcomponent/redshop - Vendor: redcomponent - Affected versions:...
CS and XSS vulnerabilities in GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in GDD FLVPlayer. ------------------------- Affected products: ------------------------- Vulnerable are GDD FLVPlayer v3.635 and previous versions. ------------------------- Affected vendors: -----------------------...
Vulnerabilities in multiple plugins for WordPress with GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands web...
Zoom routers multiple security vulnerabilities
Directory traversal, authentication bypass, information leakage...
WebKit / Appl Safari / Google Chrome security vulnerabilities
Race conditions, use-after-free...
Cisco WebEx applications multiple security vulnerabilities
Memory corruptions, buffer overflows...
Cross-Site Scripting (XSS) in BackWPup WordPress Plugin
Advisory ID: HTB23161 Product: BackWPup WordPress Plugin Vendor: Inpsyde GmbH Vulnerable Versions: 3.0.12 and probably prior Tested Version: 3.0.12 Vendor Notification: June 19, 2013 Vendor Patch: August 12, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 C...
[KIS-2013-07] vtiger CRM <= 5.4.0 (vtigerolservice.php) PHP Code Injection Vulnerability
-------------------------------------------------------------------------- vtiger CRM = 5.4.0 vtigerolservice.php PHP Code Injection Vulnerability -------------------------------------------------------------------------- - Software Link: http://www.vtiger.com/ - Affected Versions: All versions...
RoundCube crossite scripting
Multiple crossite scripting vulnerabilities via message body...
[SECURITY] [DSA 2740-1] python-django security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2740-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2013 http://www.debian.org/security/faq -...