Mail Index
- [FD] Major Internet Explorer Vulnerability - NOT Patched
- [FD] CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384
- [FD] Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you
- [FD] SQL injection vulnerabilities in zerocms <= v.1.3.3
- [FD] iTunes 12.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...
- [FD] CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability
- [FD] Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities
- [FD] CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] iTunes 12.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...
- Re: [FD] iTunes 12.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...
- [FD] [Call For Papers] BSides Knoxville, TN - May 15th 2015
- [FD] Maldrone for drones.
- [FD] My Little Forum Multiple XSS Security Vulnerabilities
- [FD] MSA-2015-02: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass
- [FD] Capstone disassembly engine 3.0.1 released!
- [FD] SQL injection vulnerability in Pragyan CMS v.3.0
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- From: Ben Lincoln (F7EFC8C9 - FD)
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [FD] CFP: Extended submission deadline:: ISSRMET2015 Dubai
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [FD] Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched"
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [FD] LG On Screen Phone authentication bypass (CVE-2014-8757)
- [FD] Responder Windows Version
- [FD] Multiple CSRF vulnerabilities in eFront v. 3.6.15.2 (CE)
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- From: Ben Lincoln (F7EFC8C9 - FD)
- [FD] [RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page
- From: RedTeam Pentesting GmbH
- [FD] Barracuda Cloud Series - Filter Bypass Vulnerability (ID 731)
- [FD] Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
- [FD] BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability
- [FD] Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability
- [FD] T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll)
- [FD] Radexscript CMS 2.2.0 - SQL Injection vulnerability
- Re: [FD] Suspicious URL:Re: Major Internet Explorer Vulnerability - NOT Patched
- [FD] MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC
- [FD] CVE-2014-6412 - WordPress (all versions) lacks CSPRNG
- Re: [FD] Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- [FD] [ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft)
- [FD] Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii)
- [FD] eTouch SamePage v4.4.0.0.239 multiple vulnerabilities
- [FD] CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] Followup on CVE-2014-6412
- Re: [FD] CVE-2014-6412 - WordPress (all versions) lacks CSPRNG
- [FD] Vanilla forum Stored XSS on any private message / thread post
- [FD] NetGear WNDR Authentication Bypass / Information Disclosure
- [FD] Reflecting XSS vulnerabitlies, unrestricted file upload and underlaying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)
- Re: [FD] Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
- Re: [FD] Major Internet Explorer Vulnerability - NOT Patched
- Re: [FD] Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
- [FD] CVE-2015-1574 - Google Email App 4.2.2 remote denial of service
- [FD] CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four
- [FD] HumHub .htaccess file upload vulnerability and remote code execution
- [FD] Siemens SIMATIC TIA Portal (Step 7/WinCC) fixes
- [FD] Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability
- [FD] [RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite
- From: RedTeam Pentesting GmbH
- [FD] Agora Marketplace CSRF to Steal Bitcoins (agorahooawayyfoe.onion)
- [FD] Bug in TradeWinds
- [FD] DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities
- [FD] DLGuard SQL Injection Security Vulnerabilities
- [FD] CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
- [FD] Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities
- [FD] [CVE-REQUEST] Multiple vulnerabilities on GLPI
- [FD] PHP Code Execution in jui_filter_rules Parsing Library
- [FD] Reflecting XSS- and SQL injection-vulnerabilities in the administrative backend of Piwigo <= v. 2.7.3
- [FD] Reflected File Download in AOL Search Website
- From: Ricardo Iramar dos Santos
- [FD] WooCommerce WordPress plugin 2.2.10 Reflected XSS
- [FD] Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF
- [FD] New version of Hyperion PE runtime encrypter
- [FD] VLC for Android beta crash
- [FD] Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities
- [FD] Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames)
- [FD] iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...
- [FD] Multiple stored XSS-vulnerabilities in MyBB v. 1.8.3
- [FD] Multiple SQLi-, stored/reflected XSS- and CSRF-vulnerabilities in phpBugTracker v. 1.6.0
- [FD] Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273]
- [FD] Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone
- [FD] xaviershay-dm-rails v0.10.3.8 mysql credential exposure
- From: Larry W. Cashdollar
- [FD] Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation
- [FD] Fwd: Apple OS X: Don't trust, and don't prompt to trust certificates
- [FD] ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities
- [FD] WESP SDK multiple Remote Code Execution Vulnerabilities
- [FD] [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench
- From: Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA
- From: Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA
- From: Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA
- From: Onapsis Research Labs
- [FD] [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA
- From: Onapsis Research Labs
- [FD] DSS TFTP 1.0 Server - Path Traversal Vulnerability
- [FD] Data Source: Scopus CMS - SQL Injection Web Vulnerability
- [FD] Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities
- [FD] SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home
- From: SEC Consult Vulnerability Lab
- [FD] Swiss File Knife v1.7.4 HTTP - Buffer Overflow Vulnerability
Mail converted by MHonArc