Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities
Title: ====== Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities Date: ===== 2013-04-21 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=932 VL-ID: ===== 932 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: ===========...
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability
Title: ====== Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability Date: ===== 2013-07-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1000 VL-ID: ===== 1000 Common Vulnerability Scoring System: ==================================== 6.7 Introduction:...
eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities
Title: ====== eFile Wifi Transfer Manager 1.0 iOS - Multiple Vulnerabilities Date: ===== 2013-06-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=982 VL-ID: ===== 982 Common Vulnerability Scoring System: ==================================== 6.8 Introduction:...
Re: Project Pier Web Vulnerabilities
Mitre has assigned the following CVEs for these issues in Project Pier: XSS: CVE-2013-3635 Session cookies lack HttpOnly flag: CVE-2013-3636 Session cookies lack Secure flag: CVE-2013-3637 On Tue, May 21, 2013 at 9:26 PM, the infinitenigma [email protected] wrote: Summary...
ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka “Lucky Thirteen”) Vulnerability
ESA-2013-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-032: RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery aka “Lucky Thirteen” Vulnerability EMC Identifier: ESA-2013-032 CVE Identifier: CVE-2013-0169 Severity Rating: CVSS v2 Base Score: 2.6...
Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units
Note: In June I released a partial disclosure for just the RT-N66U on the issue of directory traversal. I have only heard back from ASUS a twice on the issue, and I understand they are working on a fix. However, no serious attempt to our knowledge has been made to warn their customers in the...
XSS, CS and FPD vulnerabilities in I Love It theme for WordPress
Hello 3APA3A! These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities in I Love It theme for WordPress. This is commercial premium theme. ------------------------- Affected products: ------------------------- All versions of I Love It theme for WordPress. The the...
Wifi Album v1.47 iOS - Command Injection Vulnerability
Title: ====== Wifi Album v1.47 iOS - Command Injection Vulnerability Date: ===== 2013-04-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=935 VL-ID: ===== 935 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ============= WiF...
[Foreground Security 2013-002]: Corda Path Disclosure and XSS
Corda Path Disclosure and XSS ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2013-002 - Original release date: July 12, 2013 - Discovered by: Adam Willard Software Security Analyst at Foreground Security - Contact: awillard at foregroundsecurit...
[ MDVSA-2013:195 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:195 http://www.mandriva.com/en/support/security/ Package : php Date : July 12, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected...
[waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1
waraxe-2013-SA106 - Multiple Vulnerabilities in Saurus CMS 4.7.1 ================================================================================ Author: Janek Vind "waraxe" Date: 14. July 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-106.html Description of vulnerable software...
[security bulletin] HPSBST02896 rev.1 - HP StoreVirtual Storage, Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03825537 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03825537 Version: 1 HPSBST02896 rev....
CVE-2013-3739 Local File Inclusion in Weathermap <= 0.97C
============================================= WEBERA ALERT ADVISORY 01 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request - 03/06/2013 - CVE Assign - 03/06/2013 - CVE Number - CVE-2013-3739 - Vendor notification - 03/06/2013 - Vendor reply - No reply - Public disclosure - 10/06/201...
Multiple Vulnerabilities in OpenX
Advisory ID: HTB23155 Product: OpenX Vendor: OpenX Vulnerable Versions: 2.8.10 and probably prior Tested Version: 2.8.10 Vendor Notification: May 8, 2013 Vendor Patch: June 28, 2013 Public Disclosure: July 3, 2013 Vulnerability Type: PHP File Inclusion CWE-98, Cross-Site Scripting CWE-79 CVE...
File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities
====== File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities Date: ===== 2013-05-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=939 VL-ID: ===== 939 Common Vulnerability Scoring System: ==================================== 5.9 Introduction: ============= You ha...
[ANN] Struts 2.3.14.1 GA (fast track | security)
The Apache Struts group is pleased to announce that Struts 2.3.14.1 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed...
Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities
Title: ====== Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities Date: ===== 2013-05-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=960 VL-ID: ===== 960 Common Vulnerability Scoring System: ==================================== 3.9 Introduction: =============...
Linksys routers security vulnerabilities
Cross-site request forgery, XSS, code execution in web administration interface...
SimpleTransfer 2.2.1 - Command Injection Vulnerabilities
Title: ====== SimpleTransfer 2.2.1 - Command Injection Vulnerabilities Date: ===== 2013-05-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=937 VL-ID: ===== 937 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: =============...
XSS and CS vulnerabilities in TinyMCE Image Manager
Hello 3APA3A! These are Cross-Site Scripting and Content Spoofing vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. ------------------------- Affected...
DD-WRT crossite request forgery
Cross-site request forgery via web interface...
Gnome File Roller directory traversal
Directory traversal on archive processing...
[ MDVSA-2013:193 ] apache
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:193 http://www.mandriva.com/en/support/security/ Package : apache Date : July 11, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected i...
[ MDVSA-2013:188 ] otrs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:188 http://www.mandriva.com/en/support/security/ Package : otrs Date : July 2, 2013 Affected: Business Server 1.0 Problem Description: Updated otrs package fixes security vulnerabilities: An attacker with a...
[security bulletin] HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03808969 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03808969 Version: 1 HPSBHF02888 rev....
Linux kernel security vulnerabilities
iSCSI memory corruption, multiple information leaks, DoS, Broadcom B43 driver privilege escalation...
Adobe Coldfusion multiple security vulnerabilities
DoS, code execution...
IA and AFU vulnerabilities in aCMS
Hello 3APA3A! These are Insufficient Authorization and Arbitrary File Uploading vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the second part of them. ------------------------- Affected products: ------------------------- Vulnerable are aCMS...
Multiple Vulnerabilities in Exponent CMS
Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection CWE-89,...
HP StoreVirtual unauthorized access
No description provided...
[Foreground Security 2013-001]: Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting (XSS) vulnerability
Joomla AICONTACTSAFE 2.0.19 Extension Cross-Site Scripting XSS vulnerability ============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2013-001 - Original release date: July 10, 2013 - Discovered by: Adam Willard Software Security Analyst at Foreground...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Multiple vulnerabilities in aCMS
Hello 3APA3A! These are Cross-Site Scripting, Content Spoofing and Information Leakage vulnerabilities in aCMS. This is commercial CMS. There are multiple vulnerabilities in aCMS and it's the first part of them. ------------------------- Affected products: ------------------------- Vulnerable are...
SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal
SEC Consult Vulnerability Lab Security Advisory 20130605-0 ======================================================================= title: Multiple vulnerabilities in CTERA Portal product: CTERA Portal vulnerable version: 3.1 fixed version: 3.2 impact: Critical homepage: http://www.ctera.com found...
ASUS RT-N66U Router - HTTPS Directory traversal and full file access and credential disclosure vuln
Vulnerable product: ASUS RT-N66U when HTTPS WebService via AiCloud is enabled AC66R and RT-N65U are affected as well, but need more testing Vulnerabilities: - Linux 2.6.22 - Researched on both 3.0.0.4.270 and 3.0.0.4.354 firmware - Full directory traversal and plain text disclosure of all sensiti...
Asus routers security vulnerabilities
Information leakage, code execution...
Microsoft Windows information leakage
It's possible to recover administrator's password used during system installation...
Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95
Classification: NON SENSITIVE INFORMATION RELEASABLE TO THE PUBLIC Multiple vulnerabilities in BMC SERVICE DESK EXPRESS SDE Version 10.2.1.95 Affected Product: BMC SERVICE DESK EXPRESS SDE Version 10.2.1.95 Timeline: 07 June 2013 - Vulnerability found 12 June 2013 - Vendor informed 17 June 2013 -...
Linksys X3000 - Multiple Vulnerabilities
Device: X3000 Vendor: Linksys ============ Vulnerable Firmware Releases: ============ Firmware Version: v1.0.03 build 001 Jun 11,2012 ============ Vulnerability Overview: ============ OS Command Injection The vulnerability is caused by missing input validation in the pingip parameter and can be...
[ANN] Struts 2.3.14.3 GA (fast-track) release available
The Apache Struts group is pleased to announce that Struts 2.3.14.3 is available as a "General Availability" release. The GA designation is our highest quality grade. Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework is designed...
Windows 7/8 admin account installation password stored in the clear in LSA Secrets
---------------------------------- Bug title: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Affected systems: Windows 7, 8 related issue on XP Author: Xavier CC ---------------------------------- Background: ---------------------------------- "Windows LSA...
Barnraiser Prairie OpenID idp: Directory traversal attack
The OpenID idp software "Barnraiser Prairie" http://www.barnraiser.org/prairie/ is vulnerable to directory traversal attacks: ./getfile.php does not limit the given path and allows directory traversal attacks with full public access to all images on the server. Example exploit:...
CVE-2013-3568 - Linksys CSRF + Root Command Injection
Hi list, I would like to inform you that the latest available Linksys WRT110 firmware is prone to root shell command injection via cross-site request forgery. This vulnerability is the result of the web interface's failure to sanitize ping targets as well as a lack of csrf tokens. Linksys/Belkin...
Re: Cisco/Linksys E1200 N300 Reflected XSS
Mitre has assigned the following CVE for this issue: CVE-2013-2679 On Mon, Apr 29, 2013 at 12:27 AM, Carl Benedict [email protected] wrote: Summary -------------------- Software : Cisco/Linksys Router OS Hardware : E1200 N300 others currently untested Version : 2.0.04 others currently...
Joomla crypto vulnerability (all versions)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vulnerable Application All current and past versions of Joomla http://www.joomla.org up to 1.5.26, 2.5.11, 3.1.1. Also the Joomla platform and maybe the Joomla framework not tested. At the moment there is no vendor patch available. The Problem The...
MiniUPnPd information leakage
Memory content leakage in SSDP reply...
Multiple IP-cameras backdoor accounts
Hardcoded accounts...
Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities
Title: ====== Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities Date: ===== 2013-04-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=934 VL-ID: ===== 934 Common Vulnerability Scoring System: ==================================== 5.6 Introduction: ============...
Multiple vulnerabilities in McAfee ePO 4.6.6
Classification: NON SENSITIVE INFORMATION RELEASABLE TO THE PUBLIC Multiple vulnerabilities in McAfee ePO 4.6.6 Affected Product: McAfee ePO 4.6.6 Build 176 & potentially earlier versions Timeline: 08 June 2013 - Vulnerability found 12 June 2013 - Vendor informed 12 June 2013 - Vendor...
libxml2 DoS
Out-of-memory reading on incomplete document parsing...