BugTraq Mode:
(Page 1 of 1707)  1 2 3 4 5 6 7 8 9 10 11  Next >
Joomla com_publication Component - 'sid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_publication component version 3.1 and old version suffers from a remote SQL injection vulnerability.
teste on 3.1 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @

[ more ]  [ reply ]
Joomla com_news Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_news component version 3.1 suffers from a remote SQL injection vulnerability.
teste on 3.x version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@

[ more ]  [ reply ]
Joomla com_filecabinet Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_filecabinet component version 1.6 and old version suffers from a remote SQL injection vulnerability.
teste on 1.6 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@

[ more ]  [ reply ]
Joomla com_frontpage Component - 'Itemid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_frontpage component version 2.x and old version suffers from a remote SQL injection vulnerability.
teste on 2.0 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@

[ more ]  [ reply ]
Joomla com_phocadownload Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_phocadownload component version 1.x and old version suffers from a remote SQL injection vulnerability.
teste on 1.8 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
#

[ more ]  [ reply ]
[SECURITY] [DSA 3798-1] tnef security update 2017-03-01
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3798-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 01, 2017

[ more ]  [ reply ]
Joomla com_jdownloads Component - 'cid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_jdownloads component version 1.x and old version suffers from a remote SQL injection vulnerability.
teste on 1.5 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@

[ more ]  [ reply ]
Joomla com_webgrouper Component - 'Itemid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_webgrouper component version 1.6 and 1.7 and old version suffers from a remote SQL injection vulnerability.
teste on 1.6 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@

[ more ]  [ reply ]
Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in Contact Form WordPress
Plugin
------------------------------------------------------------------------

Julien Rentrop, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery & Cross-Site Scripting in Contact Form
Manager WordPress Plugin
------------------------------------------------------------------------

Edwin Molenaar, July 2016

------------------------------------

[ more ]  [ reply ]
Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in User Login Log WordPress
Plugin
------------------------------------------------------------------------

Axel Koolhaas, July 2016

---------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Magic Fields 1 WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Magic Fields 1 WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Atahualpa WordPress Theme 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Atahualpa WordPress Theme
------------------------------------------------------------------------

Spyros Gasteratos, July 2016

--------------------------------------------------------------------

[ more ]  [ reply ]
Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery
------------------------------------------------------------------------

Radjnies Bhansingh, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in WordPress Download Manager Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in WordPress Download Manager Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

----------------------------------------------------------------

[ more ]  [ reply ]
Persistent Cross-Site Scripting in the WordPress NewStatPress plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in the WordPress NewStatPress plugin
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin
------------------------------------------------------------------------

Radjnies Bhansingh, July 2016

---------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Global Content Blocks WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Global Content Blocks WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-----------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in File Manager WordPress plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in File Manager WordPress plugin
------------------------------------------------------------------------

David Vaartjes, July 2016

-------------------------------------------------------------------

[ more ]  [ reply ]
Admin Custom Login WordPress plugin custom login page affected by persistent Cross-Site Scripting 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Admin Custom Login WordPress plugin custom login page affected by
persistent Cross-Site Scripting
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------

[ more ]  [ reply ]
Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Admin Custom Login WordPress plugin affected by persistent Cross-Site
Scripting via Logo URL field
------------------------------------------------------------------------

Burak Kelebek, July 2016

-----------------------------

[ more ]  [ reply ]
Analytics Stats Counter Statistics WordPress Plugin unauthenticated PHP Object injection vulnerability 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Analytics Stats Counter Statistics WordPress Plugin unauthenticated PHP
Object injection vulnerability
------------------------------------------------------------------------

Yorick Koster, June 2016

-------------------------

[ more ]  [ reply ]
Multiple persistent Cross-Site Scripting vulnerabilities in osTicket 2017-02-28
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Multiple persistent Cross-Site Scripting vulnerabilities in osTicket
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------------

[ more ]  [ reply ]
Advisory X41-2017-001: Multiple Vulnerabilities in X.org 2017-02-28
X41 D-Sec GmbH Advisories (advisories x41-dsec de)

X41 D-Sec GmbH Security Advisory: X41-2017-001

Multiple Vulnerabilities in X.org
=================================

Overview
--------
Vendor: X.org/Freedesktop.org
Vendor URL: https://www.x.org/wiki/
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2

[ more ]  [ reply ]
[SECURITY] [DSA 3788-2] tomcat8 regression update 2017-02-22
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3788-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2017

[ more ]  [ reply ]
[security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information 2017-02-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053983
22

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05398322

Version: 1

HPESBHF03709 rev.1

[ more ]  [ reply ]
APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1 2017-02-21
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

Logic Pro X 10.3.1 is now available and addresses the following:

Projects
Available for: OS X Yosemite v10.10 or later (64 bit)
Impact: Opening a maliciously crafted GarageBand Project file may
lead to arbit

[ more ]  [ reply ]
PDFMate PDF Converter Pro 1.7.5.0 - Buffer Overflow Vulnerability 2017-02-20
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
PDFMate PDF Converter Pro 1.7.5.0 - Buffer Overflow Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2029

Release Date:
=============
2017-01-30

Vulnerability Laboratory ID (VL-ID):
====================

[ more ]  [ reply ]
[SECURITY] [DSA 3790-1] spice security update 2017-02-16
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3790-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
February 16, 2017

[ more ]  [ reply ]
[SYSS-2017-004] Simplessus Files: Path Traversal 2017-02-16
adrian vollmer syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Advisory ID: SYSS-2017-004
Product: Simplessus Files
Manufacturer: Simplessus
Affected Version(s): 3.7.7
Tested Version(s): 3.7.7
Vulnerability Type: Path Traversal (CWE-22)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: January 2

[ more ]  [ reply ]
(Page 1 of 1707)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus