SQL Injection in CLANSPHERE
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22694
Reference: http://www.htbridge.ch/advisory/sql_injection_in_clansphere.html
Product: CLANSPHERE
Vendor: csphere.eu ( http://www.csphere.eu/ )
Vulnerable Version: 2010.0 Final
Vendor Notification: 02 November 2010
Vulnerability Type: SQL Injection
Status: Fixed by Vendor

XSS in CLANSPHERE
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22693
Reference: http://www.htbridge.ch/advisory/xss_in_clansphere.html
Product: CLANSPHERE
Vendor: csphere.eu ( http://www.csphere.eu/ )
Vulnerable Version: 2010.0 Final
Vendor Notification: 02 November 2010
Vulnerability Type: XSS (Cross Site Scripting)
Status: Fixed by Vend

Path disclosure in CLANSPHERE
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22692
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_clansphere.html
Product: CLANSPHERE
Vendor: csphere.eu ( http://www.csphere.eu/ )
Vulnerable Version: 2010.0 Final
Vendor Notification: 02 November 2010
Vulnerability Type: Path disclosure
Status: Fixed by Ven

BBcode XSS in CLANSPHERE
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22691
Reference: http://www.htbridge.ch/advisory/bbcode_xss_in_clansphere.html
Product: CLANSPHERE
Vendor: csphere.eu ( http://www.csphere.eu/ )
Vulnerable Version: 2010.0 Final
Vendor Notification: 02 November 2010
Vulnerability Type: BBcode XSS
Status: Fixed by Vendor
Risk l

Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010-3038
2010-11-17 Florent Daigniere (florent daigniere trustmatta com)
Matta Consulting - Matta Advisory
http://www.trustmatta.com
Cisco Unified Videoconferencing multiple vulnerabilities
Advisory ID: MATTA-2010-001
CVE reference: CVE-2010-3037 CVE-2010-3038
Affected platforms: Cisco Unified Videoconferencing 3515,3522,3527,5230,3545, 5110,5115 Systems and u

Cisco Security Response: Multiple Vulnerabilities in Cisco Unified Videoconferencing Products
2010-11-17 Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Response: Multiple Vulnerabilities in Cisco Unified Videoconferencing Products
http://www.cisco.com/warp/public/707/cisco-sr-20101117-cuvc.shtml
Revision 1.0
For Public Release 2010 November 17 1600 UTC (GMT)
+----------------------

Information disclosure in IceBB
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22687
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_icebb_1.html
Product: IceBB
Vendor: XAOS Interactive ( http://icebb.net/ )
Vulnerable Version: 1.0-rc10
Vendor Notification: 02 November 2010
Vulnerability Type: Information Disclosure
Status: Not Fixed

Path disclosure in IceBB
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22689
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_icebb.html
Product: IceBB
Vendor: XAOS Interactive ( http://icebb.net/ )
Vulnerable Version: 1.0-rc10
Vendor Notification: 02 November 2010
Vulnerability Type: Path disclosure
Status: Not Fixed, Vendor Alerted

Information disclosure in IceBB
2010-11-16 advisory htbridge ch
Vulnerability ID: HTB22686
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_icebb.html
Product: IceBB
Vendor: XAOS Interactive ( http://icebb.net/ )
Vulnerable Version: 1.0-rc10
Vendor Notification: 02 November 2010
Vulnerability Type: Information Disclosure
Status: Not Fixed,

[ GLSA 201011-01 ] GNU C library: Multiple vulnerabilities
2010-11-15 Tobias Heinlein (keytoaster gentoo org)

LFI and XSS vulnerability in openEngine
2010-11-16 SecPod Research (research secpod com)
Hi All,
SecPod Research Team has found LFI and XSS vulnerability in openEngine. Advisory details has been attached to this mail.
Regards,
SecPod Research Team
http://www.secpod.com
########################################################################
###### openEngine Local File Inclusion

[security bulletin] HPSBPI02575 SSRT090255 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
2010-11-16 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02004333
Version: 1
HPSBPI02575 SSRT090255 rev.1 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files
NOTICE: The informa

Quick update on Google Chrome's Math.random() predictability by Amit Klein, Trusteer
2010-11-16 Amit Klein (amit klein trusteer com)
Hi list,
This is a quick update regarding Google Chrome's Math.random implementation and its vulnerability. Our original results with Google Chrome 3.0 and above don't hold as-is for Google 6.0 and above due to a change introduced in the Google Chrome Math.random implementation. However, the attack

Eclipse IDE | Help Server Local Cross Site Scripting (XSS) Vulnerability
2010-11-16 YGN Ethical Hacker Group (lists yehg net)
=========================================================
Eclipse IDE | Help Server Local Cross Site Scripting (XSS) Vulnerability
=========================================================
1. OVERVIEW
The Help Content web application of Eclipse IDE was vulnerable to Cross Site Scripting (XSS) Vu

VMSA-2010-0016 VMware ESXi and ESX third party updates for Service Console and Likewise components
2010-11-16 VMware Security team (security vmware com)

Packet Storm - New Site
2010-11-15 bugtraq packetstormsecurity org
Packet Storm Security Launches New Site
http://packetstormsecurity.org/
November 15, 2010 - Today is the launch of a completely new version of Packet Storm that has been long awaited and is long overdue. The security community has given us a lot of feedback during our design phase and we have a

Saved XSS vulnerability in Internet Explorer
2010-11-14 MustLive (mustlive websecurity com ua)
Hello Bugtraq!
I want to warn you about Cross-Site Scripting vulnerability in Internet Explorer. This is Post Persistent XSS (Save XSS) (http://websecurity.com.ua/2641/).
-------------------------
Affected products:
-------------------------
Vulnerable versions are Internet Explorer 6 (6.0.2900.2

vBulletin 4.0.8 - Persistent XSS via Profile Customization
2010-11-15 advisories intern0t net
vBulletin - Persistent Cross Site Scripting via Profile Customization
Versions Affected: 4.0.8 (3.8.* is not vulnerable.)
Info: Content publishing, search, security, and more? vBulletin has it all. Whether it's available features, support, or ease-of-use, vBulletin offers the most for your money.

[SECURITY] [DSA 2038-3] New pidgin packages fix regression
2010-11-13 Thijs Kinkhorst (thijs debian org)

TWSL2010-006: Multiple Vulnerabilities in Camtron CMNC-200 IP Camera
2010-11-12 Trustwave Advisories (trustwaveadvisories trustwave com)
Trustwave's SpiderLabs Security Advisory TWSL2010-006: Multiple Vulnerabilities in Camtron CMNC-200 IP Camera
https://www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt
Published: 2010-11-12
Version: 1.0
Vendors: Camtron (http://www.camtron.co.kr/) TecVoz (http://www.tecvoz.com.br/)
Product

Reference: http://www.htbridge.ch/advisory/sql_injection_in_compactcms.html
Product: CompactCMS
Vendor: compactcms.nl ( http://www.compactcms.nl/ )
Vulnerable Version: 1.4.1
Vendor Notification: 02 November 2010
Vulnerability Type: SQL Injection
Status: Fixed by Vendor
R