47153 matches found
XSS and FPD vulnerabilities in WPtouch and WPtouch Pro for WordPress
Hello 3APA3A! I want to inform you about vulnerabilities in WPtouch and WPtouch Pro plugins for WordPress. These are Cross-Site Scripting and Full path disclosure vulnerabilities. These XSS holes are in ZeroClipboard.swf, which is used in the plugin. In February I wrote about Cross-Site Scripting...
[USN-1944-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1944-1 September 06, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Joomla com_sectionex v2.5.96 SQL Injection vulnerabilities
------------------------------------------------------------------------------------- Joomla comsectionex v2.5.96 SQL Injection vulnerabilities ------------------------------------------------------------------------------------- == Description == - Software link: http://stackideas.com/sectionex ...
VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability
========================================================================================== VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability ==========================================================================================...
IndiaNIC Testimonail WP plugin - Multiple vulnerabilities
Details ======================== Application: Testimonial Version: 2.2 Type: Wordpress plugin Vendor: IndiaNIC Vulnerability: - XSS CWE-79 - CSRF CWE-352 - SQL Injection CWE-89 Description ======================== Testimonial Plugin allows you to add, delete, edit and place what others said about...
CakePHP AssetDispatcher Local File Inclusion Vulnerability
CVE Number: N/A not assigned Title: CakePHP AssetDispatcher Local File Inclusion Vulnerability Affected Software: Confirmed on CakePHP v2.3.7, v2.2.8 prior versions may also be affected Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.8 & 2.2.9 was released which...
XSS and CS vulnerabilities in aCMS
Hello 3APA3A! After previous Cross-Site Scripting, Content Spoofing, Information Leakage, Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS, here are new ones. These are Cross-Site Scripting and Content Spoofing vulnerabilities in aCMS. This is commercial CMS...
PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities
------------------------------------------------------------ PHPFox v3.6.0 build3 Multiple SQL Injection vulnerabilities ------------------------------------------------------------ == Description == - Software link: http://www.phpfox.com - Affected versions: version 3.6.0 build3 is vulnerable...
Vulnerabilities in Avaya IP Office Customer Call Reporter
Hello 3APA3A! I want to warn you about vulnerabilities in Avaya IP Office Customer Call Reporter. These are Remote HTML Include and Remote XSS Include Cross-Site Scripting vulnerabilities. After I found multiple vulnerabilities in Avaya IP Office Customer Call Reporter in December, I informed ZDI...
[ MDVSA-2013:225 ] libdigidoc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:225 http://www.mandriva.com/en/support/security/ Package : libdigidoc Date : September 2, 2013 Affected: Business Server 1.0 Problem Description: Updated libdigidoc packages fix security vulnerability: Fixed...
CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability
Application Performance Guard Vendor CapaSystems Link http://www.capasystems.com/it-performance-monitorin Discovered by Kerem Kocaer kerem.kocaeratgmaildotcom Problem ------- Path traversal vulnerability in the "download logs" section allows remote attackers to read arbitrary files by interceptin...
Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption
Hello lists, here you find the analysis of a vulnerability I recently discovered. Mikrotik RouterOS 5. and 6. sshd remote preauth heap corruption http://kingcope.wordpress.com/2013/09/02/mikrotik-routeros-5-and-6-sshd-remote-preauth-heap-corruption/ Additionally it includes a way to drop into a...
[KIS-2013-06] vtiger CRM <= 5.4.0 (SOAP Services) Multiple SQL Injection Vulnerabilities
-------------------------------------------------------------------------- vtiger CRM = 5.4.0 SOAP Services Multiple SQL Injection Vulnerabilities -------------------------------------------------------------------------- - Software Link: http://www.vtiger.com/ - Affected Versions: All versions...
Wordpress post-gallery Plugin Xss vulnerabilities
The Wordpress post-gallery Plugin suffers from a Cross-Site Scripting vulnerability. Iranian Exploit DataBase Forum http://iedb.ir/acc http://iedb.ir Exploit Title : Wordpress post-gallery Plugin Xss vulnerabilities Author : Iranian Exploit DataBase Discovered By : IeDb Email : [email protected]...
Multiple XSS Vulnerabilities in Jahia xCM
Advisory ID: HTB23159 Product: Jahia xCM Vendor: Jahia Solutions Group SA Vulnerable Versions: 6.6.1.0 r43343 and probably prior Tested Version: 6.6.1.0 r43343 Vendor Notification: June 5, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: Cross-Site Scripting...
Insufficient Authorization vulnerability in Act
Hello 3APA3A! This is Insufficient Authorization vulnerability in Act. It is conference software on Perl. Besides Insufficient Authorization, there are a lot of other vulnerabilities in Act. ------------------------- Affected products: ------------------------- Vulnerable are all versions of Act...
[ MDVSA-2013:220 ] lcms
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:220 http://www.mandriva.com/en/support/security/ Package : lcms Date : August 27, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated lcms packages fix security...
Updated [CVE-2013-2136] Apache CloudStack Cross-site scripting (XSS) vulnerabiliity
Issued: August 6, 2013 Updated: August 7, 2013 Product: Apache CloudStack Vendor: The Apache Software Foundation Vulnerability Types: Cross-site scripting XSS Vulnerable versions: Apache CloudStack versions 4.0.0-incubating, 4.0.1-incubating, 4.0.2 and 4.1.0 CVE References: CVE-2013-2136 Risk...
[ MDVSA-2013:212 ] otrs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:212 http://www.mandriva.com/en/support/security/ Package : otrs Date : August 13, 2013 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerability: It was discovered...
Struts2 Prefixed Parameters Open Redirect Vulnerability
CVE Number: CVE-2013-2248 Title: Struts2 Prefixed Parameters Open Redirect Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-017...
[SECURITY] [DSA 2748-1] exactimage security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2748-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2013 http://www.debian.org/security/faq -...
[ MDVSA-2013:213 ] xymon
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:213 http://www.mandriva.com/en/support/security/ Package : xymon Date : August 13, 2013 Affected: Business Server 1.0 Problem Description: Updated xymon package fixes security vulnerability: A security...
[SECURITY] [DSA 2747-1] cacti security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2747-1 [email protected] http://www.debian.org/security/ Florian Weimer August 31, 2013 http://www.debian.org/security/faq -...
Struts2 Prefixed Parameters OGNL Injection Vulnerability
CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-016...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
exactimage DoS
Few dcraw vulnerabilities...
Joomseller "Events Booking Pro" and "JSE Event" reflected XSS
---------------------------------------------------------------------------------------------- Joomseller "Events Booking Pro" and "JSE Event" reflected XSS ---------------------------------------------------------------------------------------------- + Software Link:...
SQL Injection in Cotonti
Advisory ID: HTB23164 Product: Cotonti Vendor: Cotonti Team Vulnerable Versions: 0.9.13 and probably prior Tested Version: 0.9.13 Vendor Notification: July 10, 2013 Vendor Patch: July 17, 2013 Public Disclosure: July 31, 2013 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2013-4789...
Vulnerabilities in multiple plugins for WordPress with GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands web...
Joomla! redSHOP component v1.2 SQL Injection
-------------------------------------------- Joomla! redSHOP component v1.2 SQL Injection -------------------------------------------- == Description == - Product: Joomla! redSHOP component - Product link: http://redcomponent.com/redcomponent/redshop - Vendor: redcomponent - Affected versions:...
ReviewBoard Vulnerabilities
ReviewBoard www.reviewboard.org aims to 'take the pain out of code review'. Integration with source control makes it imperative to maintain proper protections on this server. I have worked with the developers to resolve multiple XSS conditions and harden web server configurations. The XSS...
CS and XSS vulnerabilities in GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in GDD FLVPlayer. ------------------------- Affected products: ------------------------- Vulnerable are GDD FLVPlayer v3.635 and previous versions. ------------------------- Affected vendors: -----------------------...
CS, XSS and FPD vulnerabilities in MCImageManager for TinyMCE
Hello 3APA3A! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...
SQL Injection vulnerability in Soltech.CMS
Hello 3APA3A! There is SQL Injection vulnerability in Soltech.CMS. This is commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are Soltech.CMS v 0.4 and previous versions. ------------------------- Affected vendors: ------------------------- Soltech...
[USN-1939-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1939-1 September 06, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
FreeBSD information leakage
Kernel memory content leakage via SCTP sockets...
libtiff multiple security vulnerabilities
Vulnerabilities in different utilities...
NEW VMSA-2013-0010 VMware Workstation host privilege escalation vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2013-0010 Synopsis: VMware Workstation host privilege escalation vulnerability Issue date: 2013-08-22 Updated on: 2013-08-22 initial...
[SECURITY] [DSA 2744-1] tiff security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2744-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 27, 2013 http://www.debian.org/security/faq -...
[ MDVSA-2013:219 ] libtiff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:219 http://www.mandriva.com/en/support/security/ Package : libtiff Date : August 23, 2013 Affected: Business Server 1.0 Problem Description: Updated libtiff packages fix security vulnerabilities: Pedro Ribei...
SPICE DoS
assert on loops processing...
CVE-2013-4124 samba nttrans dos private exploit
Hi Forks! It's my samba private exploit and article of it. the security bug occurs while nttrans reply in samba daemon source code tree. the remote dos exploit that i copied from another nttrans exploit in 2003. and can't test it yet, check it out! CVE-2013-4124 samba dos private exploit: -...
libtiff <= 3.9.5 integer overflow bug
+----------------------------------------------------+ | XADV-2013001 libtiff = 3.9.5 integer overflow bug | +----------------------------------------------------+ vulnerable versions: - libtiff 3.9.5 = - libtiff 3.6.0 not vulnerable versions: - libtiff 4.0.3 - libtiff 4.0.2 - libtiff 4.0.1 -...
Samba DoS
Memory exhaustion on malformed nttrans request processing...
VMWare privilege escalation
vmware-mount privilege escalation...
FreeBSD Security Advisory FreeBSD-SA-13:10.sctp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:10.sctp Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in sctp4 Category: core Module: sctp Announced: 2013-08-22 Credits: Julian Seward...
[ MDVSA-2013:214 ] python
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:214 http://www.mandriva.com/en/support/security/ Package : python Date : August 21, 2013 Affected: Business Server 1.0 Problem Description: Updated python packages fix security vulnerability: Ryan Sleevi of...
perl-Proc-ProcessTable symbolic links vulnerabilities
Symbolic links vulnerabilities on /tmp/TTYDEVS processing...
FreeBSD ip_multicast integer overflow
Integer overflow on buffer size calculation in IPMSFILTER...
[SECURITY] [DSA 2741-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2741-1 [email protected] http://www.debian.org/security/ Michael Gilbert August 25, 2013 http://www.debian.org/security/faq -...