BugTraq Mode:
(Page 15 of 1685)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >
Negin Group CMS - (v) Multiple Web Vulnerabilities 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Negin Group CMS - (v) Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1831

Release Date:
=============
2016-04-25

Vulnerability Laboratory ID (VL-ID):
====================================

[ more ]  [ reply ]
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1820

Release Date:
=============
2016-04-19

Vulnerability Laboratory ID (VL-ID):
=========================

[ more ]  [ reply ]
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1721

Cyberoam Ticket ID: #1001314
Case ID: CCC-4208

Release Date:
=============
2016-04-18

Vuln

[ more ]  [ reply ]
UBNT Bug Bounty #2 - XML External Entity Vulnerability 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
UBNT Bug Bounty #2 - XML External Entity Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1466

Release Date:
=============
2016-04-14

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1769

Release Date:
=============
2016-04-08

Vulnerability Laboratory ID (VL-ID):
=====================

[ more ]  [ reply ]
C & C++ for OS - Filter Bypass & Persistent Vulnerability 2016-04-25
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
C & C++ for OS - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1825

Release Date:
=============
2016-04-14

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
Telisca IPS Lock 2 Vulnerability 2016-04-25
karim reda Fakhir (karim fakhir gmail com)
a vulnerability in IPS LOCK , below is the description :

# Exploit Title: TELISCA IPS LOCK ABUSE
# Date: 13/01/2016
# Software Link: http://www.telisca.com/products/ip-phone-apps/ipslock/
# Exploit Author: Fakhir Karim Reda
# Contact: karim.fakhir (at) gmail (dot) com [email concealed]
# Metasploit module :
https://www.rapid

[ more ]  [ reply ]
[SECURITY] [DSA 3556-1] libgd2 security update 2016-04-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3556-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 24, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3555-1] imlib2 security update 2016-04-23
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3555-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
April 23, 2016

[ more ]  [ reply ]
Unlimited Pop-Ups WordPress Plugin XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : Unlimited Pop-Ups WordPress Plugin
#Exploit Author : Rahul Pratap Singh
#Version : 1.4.3
#Home page Link :
http://codecanyon.net/item/unlimited-popups-wordpress-plugin/8575498
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94

[ more ]  [ reply ]
Easy Social Share Buttons for WordPress XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product :Easy Social Share Buttons for WordPress
#Exploit Author : Rahul Pratap Singh
#Version :3.2.5
#Home page Link :
http://codecanyon.net/item/easy-social-share-buttons-for-wordpress/63944
76
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulprat

[ more ]  [ reply ]
Google SEO Pressor Snippet Plugin XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : Google SEO Pressor Snippet Plugin
#Exploit Author : Rahul Pratap Singh
#Version :1.2.6
#Home page Link : https://wordpress.org/plugins/google-seo-author-snippets/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4

[ more ]  [ reply ]
Echosign Plugin for WordPress XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : Echosign Plugin
#Exploit Author : Rahul Pratap Singh
#Version :1.1
#Home page Link : https://wordpress.org/plugins/echosign/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

-----------

[ more ]  [ reply ]
Tweet-wheel XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product :Tweet-wheel
#Exploit Author : Rahul Pratap Singh
#Version :1.0.3.2
#Home page Link : https://wordpress.org/plugins/tweet-wheel/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

---------

[ more ]  [ reply ]
CM-AD-Changer XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product : cm-ad-changer
#Exploit Author : Rahul Pratap Singh
#Version :1.7.2
#Home page Link : https://wordpress.org/plugins/cm-ad-changer/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

------

[ more ]  [ reply ]
Persian-woocommerce-sms XSS Vulnerability 2016-04-23
Rahul Pratap Singh (techno rps gmail com)
## FULL DISCLOSURE

#Product :Persian-woocommerce-sms
#Exploit Author : Rahul Pratap Singh
#Version :3.3.2
#Home page Link : https://wordpress.org/plugins/persian-woocommerce-sms/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vul

[ more ]  [ reply ]
Remote Code Execution in Shopware <5.1.5 (CVE-2016-3109) 2016-04-23
david vieira-kurz immobilienscout24 de
CREDITS
========
This issue has been identified by David Vieira-Kurz of Immobilien Scout GmbH.

CVE
====
CVE-2016-3109

AFFECTED PRODUCT
==================
Shopware < 5.1.5 : https://en.shopware.com/

IMPACT
=======
This issue has been triaged with the highest severity (CRITICAL) by the Shopware mai

[ more ]  [ reply ]
[security bulletin] HPSBMU03573 rev.1 - HPE System Management Homepage (SMH), Remote Disclosure of Information 2016-04-22
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05096953

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05096953
Version: 1

HPSBMU03573

[ more ]  [ reply ]
[security bulletin] HPSBGN03580 rev.1 - HP Data Protector, Remote Code Execution, Remote Unauthorized Disclosure of Information 2016-04-22
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05085988

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05085988
Version: 1

HPSBGN03580

[ more ]  [ reply ]
SEC Consult SA-20160422-1 :: Multiple vulnerabilities in Digitalstrom Konfigurator 2016-04-22
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < publishing date 20160422-1 >
=======================================================================
title: Multiple vulnerabilities in Digitalstrom Konfigurator
product: Digitalstrom Konfigurator
vulnerable version: 1.10.0

[ more ]  [ reply ]
SEC Consult SA-20160422-0 :: Insecure credential storage in my devolo Android app 2016-04-22
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20160422-0 >
=======================================================================
title: Insecure data storage
product: my devolo - android application - air.de.devolo.my.devolo
vulnerable version: 1.2.8
fixed vers

[ more ]  [ reply ]
[SECURITY] [DSA 3553-1] varnish security update 2016-04-22
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3553-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
April 22, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3554-1] xen security update 2016-04-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3554-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
April 21, 2016

[ more ]  [ reply ]
CVE-2016-3074: libgd: signedness vulnerability 2016-04-21
Hans Jerry Illikainen (hji dyntopia com)
Overview
========

libgd [1] is an open-source image library. It is perhaps primarily used
by the PHP project. It has been bundled with the default installation
of PHP since version 4.3 [2].

A signedness vulnerability (CVE-2016-3074) exist in libgd 2.1.1 which
may result in a heap overflow when p

[ more ]  [ reply ]
exploit CVE-2016-2203 2016-04-21
karim reda Fakhir (karim fakhir gmail com)
# Exploit Title: Symantec Brightmail ldap credential Grabber
# Date: 18/04/2016
# Exploit Author: Fakhir Karim Reda
# Vendor Homepage:
https://www.symantec.com/security_response/securityupdates/detail.jsp?fi
d=security_advisory&pvid=security_advisory&year&suid=20160418_00
# Version: 10.6.0-7 and earl

[ more ]  [ reply ]
OpenTSDB RCE 2016-04-21
gsoc gsoc se

The paramenter wxh needs some sanitation before being used by opentsdb.

See example url:

http://opentsdb.com:4242/q?start=2016/04/13-10:21:00&ignore=2&m=sum:jmxd
ata.cpu&o=&yrange=[0:]&key=out%20right%20top&wxh=1900x770%60id%60&style=
linespoint&png

Results in RCE unfortunately

More parameters:

[ more ]  [ reply ]
Webutler CMS 3.2 - Cross-Site Request Forgery 2016-04-21
displaymyname gmail com
*# Exploit Title: Webutler CMS Cross-Site Request Forgery*
*# Date: 18 April 2016*
*# Exploit Author: Keerati T. (Post)*
*# Vendor Homepage: http://webutler.de/en <http://webutler.de/en>*
*# Software Link: http://webutler.de/download/webutler_v3.2.zip
<http://webutler.de/download/webutler_v3.2.zip>*

[ more ]  [ reply ]
Cisco Security Advisory: Multiple Cisco Products libSRTP Denial of Service Vulnerability 2016-04-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Cisco Products libSRTP Denial of Service Vulnerability

Advisory ID: cisco-sa-20160420-libsrtp

Revision 1.0

For Public Release 2016 April 20 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
====

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability 2016-04-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability

Advisory ID: cisco-sa-20160420-asa-dhcpv6

Revision 1.0

For Public Release 2016 April 20 16:00 GMT (UTC)

+----------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability 2016-04-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability

Advisory ID: cisco-sa-20160420-htrd

Revision 1.0

For Public Release 2016 April 20 16:00 GMT (UTC)

+-----------------------------------------------

[ more ]  [ reply ]
(Page 15 of 1685)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus