Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability
2015-01-12 Vulnerability Lab (research vulnerability-lab com)

Blitz CMS Community - SQL Injection Web Vulnerability
2015-01-12 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Blitz CMS Community - SQL Injection Web Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1403
Release Date:
=============
2015-01-12
Vulnerability Laboratory ID (VL-ID):
=================================

Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities
2015-01-10 Pietro Oliva (pietroliva gmail com)
Vulnerability title: Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities
Author: Pietro Oliva
CVE: CVE-2014-7956, CVE-2014-7957
Product: pods
Affected version: pods <= 2.4.3
Vulnerabilities fixed in version: 2.5
XSS vulnerability (CVE-2014-7956, authentication is needed): h

[security bulletin] HPSBOV03227 rev.1 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities
2015-01-10 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04533567
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04533567
Version: 1
HPSBOV03227 re

Re: ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities
2015-01-09 dan montala com
Hi, I'm from Montala - we head up ResourceSpace development. Just to add an update - we believe all issues have been fixed in the ResourceSpace Subversion repository. In fact the majority were fixed some time ago however the original submitter was checking against an older version.
We aim to rele

[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities
2015-01-06 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04468121
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04468121
Version: 3
HPSBMU03118 r

Brother MFC Administration Reflected Cross-Site Scripting
2015-01-07 vulns dionach com
Class: Cross-Site Scripting
Remote: Yes
Disclosed: 9th October 2014
Published: 7th January 2015
Credit: Dave Daly of Dionach (vulns (at) dionach (dot) com)
Confirmed Vulnerable: Brother MFC-J4410DW with F/W Versions J and K
The printer administration web application on Brother MFC-J4410DW model printers with firmwa

Self-XSS in Microsoft Dynamics CRM 2013 SP1
2015-01-07 High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23245
Product: Microsoft Dynamics CRM 2013 SP1
Vendor: Microsoft Corporation
Vulnerable Version(s): (6.1.1.132) (DB 6.1.1.132) and probably prior
Tested Version: (6.1.1.132) (DB 6.1.1.132)
Advisory Publication: December 29, 2014 [without technical details]
Vendor Notification: Dece

ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities
2015-01-06 Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1392
Release Date:
=============
2015-01-06
Vulnerability Laboratory ID (VL-ID):
=============================
===============
Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability
References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1398
BugCrowd ID: 6b37910a3c5685b944a3ad65068aa251af47450953a06b8b13d74b35d708f6b0
Acknowledgement (Hall of F