|
|
Colapse all |
Post message
XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 2015-07-15 Tim Coen (tc coen gmail com) XSS vulnerability in OFBiz forms 2015-07-15 lilian_iatco yahoo com https://issues.apache.org/jira/browse/OFBIZ-6506 In Ofbiz form need to escape characters from description column in a display-entity tag to avoid XSS attacks. <display-entity entity-name="Table" description="${description}" > I tried to use bsh, as following: <display-entity entity-name="Table" d [ more ] [ reply ] [CVE-2015-2862/2863 / CERT VU#919604] Kaseya VSA arbitrary file download / open redirect 2015-07-13 Pedro Ribeiro (pedrib gmail com) tl;dr Two vulns in Kaseya Virtual System Administrator - an authenticated arbitrary file download and two lame open redirects. Full advisory text below and at [1]. Thanks to CERT for helping me to disclose these vulnerabilities [2]. >> Multiple vulnerabilities in Kaseya Virtual System Administrato [ more ] [ reply ] CFP: Passwords 2015, Dec 7-9, Cambridge, UK 2015-07-10 Per Thorsheim (per thorsheim net) ======================================================================== = Passwords 2015 The 9th International Conference on Passwords 7, 8, 9 December 2015 University of Cambridge, United Kingdom http://www.cl.cam.ac.uk/events/passwords2015/ https://passwordscon.org/ =============================== [ more ] [ reply ] CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal 2015-07-13 Brian Cardinale (brian cardinaleconsulting com) The AjaxControlToolkit prior to version 15.1 has a file upload directory traversal vulnerability which on a poorly configured web server can lead to remote code execution. The issue affects any application using the AjaxFileUpload control. The vulnerability arises because the =E2=80=9CfileId=E2=80= [ more ] [ reply ] [SYSS-2015-031] sysPass - SQL Injection 2015-07-13 disclosure syss de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Version(s): 1.0.9 and below Tested Version(s): 1.0.9 Vulnerability Type: SQL Injection (CWE-89) Risk Level: High Solution Status: Fixed Vendor Notification: 2014-07-27 S [ more ] [ reply ] phpSQLiteCMS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS 2015-07-13 apparitionsec gmail com [+] Credits: John Page ( hyp3rlinx ) [+] Domains: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-PHPSQLITECMS0712.txt Vendor: ================================ phpsqlitecms.net Product: ================================ ilosuna-phpsqlitecms-d9b8219 Adviso [ more ] [ reply ] [slackware-security] mozilla-thunderbird (SSA:2015-192-01) 2015-07-12 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2015-192-01) New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ p [ more ] [ reply ] SQL Injection, Reflected XSS, Path Traversal, Function Execution in ZenPhoto 1.4.8 2015-07-10 Tim Coen (tc coen gmail com) Vulnerability: SQL Injection, Reflected XSS, Path Traversal Affected Software: ZenPhoto (http://www.zenphoto.org/) Affected Version: 1.4.8 (probably also prior versions) Patched Version: 1.4.9 Risk: Medium Vendor Contacted: 2015-05-18 Vendor Fix: 2015-07-09 Public Disclosure: 2015-07-10 SQL Injecti [ more ] [ reply ] [security bulletin] HPSBGN03373 rev.1 - HP Release Control running TLS, Remote Disclosure of Information 2015-07-10 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04740527 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04740527 Version: 1 HPSBGN03373 re [ more ] [ reply ] Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products 2015-07-10 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products Advisory ID: cisco-sa-20150710-openssl Revision 1.0 For Public Release 2015 July 10 16:00 UTC (GMT) +------------------------ [ more ] [ reply ] ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability 2015-07-10 Security Alert (Security_Alert emc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability EMC Identifier: ESA-2015-115 CVE Identifier: CVE-2015-4526 Severity Rating: CVSSv2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) Affected products: [ more ] [ reply ] CVE-2014-7952, Android ADB backup APK injection vulnerability 2015-07-10 Imre RAD (imre rad search-lab hu) The Android operating system offers a backup/restore mechanism of installed packages through the ADB utility. Full backup of applications including the private files stored on /data partition is performed by default, but applications can customize this behavior by implementing a BackupAgent class. T [ more ] [ reply ] [security bulletin] HPSBGN03351 rev.2 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information 2015-07-10 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04710027 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04710027 Version: 2 HPSBGN03351 re [ more ] [ reply ] [security bulletin] HPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of Service (DoS) 2015-07-10 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04739301 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04739301 Version: 1 HPSBGN03371 re [ more ] [ reply ] NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability 2015-07-10 VMware Security Response Center (security vmware com) [SECURITY] [DSA 3307-1] pdns-recursor security update 2015-07-09 Alessandro Ghedini (ghedo debian org) [slackware-security] openssl (SSA:2015-190-01) 2015-07-09 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssl (SSA:2015-190-01) New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-15:12.openssl 2015-07-09 FreeBSD Security Advisories (security-advisories freebsd org) Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-07-09 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20141008-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis co-sa-20141008-asa Revision 3.0 Last Updated 2015 July 8 21:04 UTC (GMT) For Public Release [ more ] [ reply ] Extra information for CVE-2014-2513 - EMC Documentum Content Server: arbitrary code execution 2015-07-08 andrew panfilov tel Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed On November 2013 I discovered vulnerability in EMC Documentum Content Server which allow authenticated user to execute arbitrary commands using dm_bp_transition docbase method (for detailed [ more ] [ reply ] [SECURITY] [DSA 3305-1] python-django security update 2015-07-08 Alessandro Ghedini (ghedo debian org) [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection 2015-07-08 CORE Advisories Team (advisories coresecurity com) 1. Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-comma nd-injection Date published: 2015-07-08 Date of last update: 2015-07-08 Vendors contacted: AirLink101 Releas [ more ] [ reply ] [security bulletin] HPSBUX03363 rev.1 - HP-UX Apache Web Server running OpenSSL, Remote Disclosure of Information 2015-07-08 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04725401 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04725401 Version: 1 HPSBUX03363 re [ more ] [ reply ] Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution 2015-07-08 hdau deloitte fr Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution CVEs: CVE-2015-1560, CVE-2015-1561 Vendor: Merethis - www.centreon.com Product: Centreon Version affected: 2.5.4 and prior Product description: Centreon is the choice of some of the world's largest companies [ more ] [ reply ] SQL Injection in easy2map-photos wordpress plugin v1.09 2015-07-08 Larry W. Cashdollar (larry0 me com) Title: SQL Injection in easy2map-photos wordpress plugin v1.09 Author: Larry W. Cashdollar, @_larry0 Date: 2015-06-08 Download Site: https://wordpress.org/plugins/easy2map-photos Vendor: Steven Ellis Vendor Notified: 2015-06-08, fixed in v1.1.0 Vendor Contact: https://profiles.wordpress.org/stevenel [ more ] [ reply ] Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 2015-07-08 Larry W. Cashdollar (larry0 me com) Title: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 Author: Larry W. Cashdollar, @_larry0 Date: 2015-07-05 Download Site: https://wordpress.org/plugins/wp-ecommerce-shop-styling Vendor: https://profiles.wordpress.org/haet/ Vendor Notified: 2015-07-05, fixed i [ more ] [ reply ] Symantec EP 12.1.4013 Disabling Vulnerability 2015-07-08 apparitionsec gmail com #include <windows.h> #include <Tlhelp32.h> #define SMC_EXE "Smc.exe" #define SMC_GUI "SmcGui.exe" #define CC_SVC_HST "ccSvcHst.exe" /* By John Page (hyp3rlinx) - Dec 2014 - hyp3rlinx.altervista.org Symantec Endpoint Protection version 12.1.4013 First reported to Symantec - Jan 20, 2015 Goal: Kill [ more ] [ reply ] [slackware-security] bind (SSA:2015-188-04) 2015-07-08 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2015-188-04) New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patc [ more ] [ reply ] |
|
Privacy Statement |
Affected Software: GetSimpleCMS (http://get-simple.info/)
Affected Version: 3.3.5 (probably also prior versions)
Patched Version: 3.3.6 (partial fix)
Risk: Medium-High
Vendor Contacted: 2015-06-14
Vendor Partial Fix: 2015-07
[ more ] [ reply ]