Mail Thread Index

Date Index

[FD] Unauthenticated remote command execution on Cisco Linksys x2000 routers, Lorenzo Pistone
[FD] SQL Buddy 1.3.3: CSRF, Curesec Research Team (CRT)
[FD] SQL Buddy 1.3.3: XSS, Curesec Research Team (CRT)
[FD] Chyrp CMS 2.5.2: XSS, Curesec Research Team (CRT)
[FD] CVE-2015-6498, csirt
[FD] Cross-Site Scripting | Zeuscart V4, ITAS Team
[FD] TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks, Jing Wang
[FD] Daily Mail Registration Page Unvalidated Redirects and Forwards & XSS Web Security Problem, Jing Wang
[FD] DAVOSET v.1.2.6, MustLive
[FD] Winehat Security Conference, Lorenzo Primiterra
[FD] [KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability, Egidio Romano
[FD] [KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability, Egidio Romano
[FD] [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability, Egidio Romano
[FD] [KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability, Egidio Romano
[FD] [KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability, Egidio Romano
[FD] [KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability, Egidio Romano
[FD] SEC Consult SA-20151105-0 :: Insecure default configuration in Ubiquiti Networks products, SEC Consult Vulnerability Lab
[FD] New release: UFONet v0.6 - "Galactic OFFensive!", psy
Re: [FD] eBay Magento <= 1.9.2.1 XML eXternal Entity Injection (XXE) on PHP FPM, Dawid Golunski
[FD] MiniBB 3.1.1: XSS, Curesec Research Team (CRT)
[FD] MyWebSQL 3.6: CSRF, Curesec Research Team (CRT)
[FD] OpenCart 2.0.3.1: CSRF, Curesec Research Team (CRT)
[FD] Supercali Event Calendar 1.0.8: CSRF, Curesec Research Team (CRT)
[FD] Supercali Event Calendar 1.0.8: XSS, Curesec Research Team (CRT)
[FD] CubeCart 6.0.7: Code Execution, Curesec Research Team (CRT)
[FD] CubeCart 6.0.7: XSS, Curesec Research Team (CRT)
[FD] Quick.Cart 6.6: CSRF, Curesec Research Team (CRT)
[FD] Quick.Cart 6.6: Multiple XSS, Curesec Research Team (CRT)
[FD] TheHostingTool 1.2.6: Code Execution, Curesec Research Team (CRT)
[FD] TheHostingTool 1.2.6: Multiple SQL Injection, Curesec Research Team (CRT)
[FD] TheHostingTool 1.2.6: Multiple XSS, Curesec Research Team (CRT)
[FD] SQLiteManager 1.2.4: Multiple XSS, Curesec Research Team (CRT)
- Re: [FD] SQLiteManager 1.2.4: Multiple XSS, Henri Salo
[FD] First annual BloomCON CFP, Philip Polstra
[FD] Broken, Abandoned, and Forgotten Code, Part 14, Zach Cutlip
[FD] Google AdWords API PHP client library <= 6.2.0 Arbitrary PHP Code Execution, Dawid Golunski
[FD] Google AdWords API client libraries - XML eXternal Entity Injection (XXE), Dawid Golunski
[FD] [Onapsis Security Advisory 2015-024-040] SAP HANA TrexNet Vulnerabilities, Onapsis Research Team
[FD] [Onapsis Security Advisory 2015-041] SAP HANA Remote Trace Disclosure, Onapsis Research Team
[FD] [Onapsis Security Advisory 2015-042] SAP HANA EXECUTE_SEARCH_RULE_SET Stored Procedure Memory corruption, Onapsis Research Team
[FD] [Onapsis Security Advisory 2015-043] SAP HANA Remote Code Execution (HTTP Login based), Onapsis Research Team
[FD] [Onapsis Security Advisory 2015-044] SAP HANA Remote Code Execution (SQL Login based), Onapsis Research Team
[FD] TestLink 1.9.14 Persistent XSS, Aravind
[FD] TestLink 1.9.14 CSRF Vulnerability, Aravind
[FD] Joomla CMS - Bad Cryptography - Multiple Vulnerabilities, Scott Arciszewski
[FD] D-link wireless router DIR-816L – Cross-Site Request Forgery (CSRF) vulnerability, Bhadresh Patel
[FD] Huawei HG630a and HG630a-50 Modems Default SSH Admin Password, Murat Sahin
[FD] OpenBSD package 'net-snmp' information disclosure, Pierre Kim
[FD] ZTE ADSL modems - Multiple vulnerabilities, Karn Ganeshen
[FD] XCart 5.2.6: XSS, Curesec Research Team (CRT)
[FD] XCart 5.2.6: Path Traversal, Curesec Research Team (CRT)
[FD] XCart 5.2.6: Code Execution, Curesec Research Team (CRT)
[FD] XCart 5.2.6: Code Execution Exploit, Curesec Research Team (CRT)
[FD] TomatoCart v1.1.8.6.1: Code Execution, Curesec Research Team (CRT)
[FD] TomatoCart v1.1.8.6.1: XSS, Curesec Research Team (CRT)
[FD] Thelia 2.2.1: XSS, Curesec Research Team (CRT)
[FD] Sitemagic CMS 4.1: XSS, Curesec Research Team (CRT)
[FD] Open Source Social Network 3.5: XSS, Curesec Research Team (CRT)
[FD] dotclear 2.8.1: Code Execution, Curesec Research Team (CRT)
[FD] dotclear 2.8.1: XSS, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: Code Execution, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: Code Execution Exploit, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: CSRF, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: SQL Injection, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: Path Traversal, Curesec Research Team (CRT)
[FD] ClipperCMS 1.3.0: XSS, Curesec Research Team (CRT)
[FD] LiteCart 1.3.2: Multiple XSS, Curesec Research Team (CRT)
- Re: [FD] LiteCart 1.3.2: Multiple XSS, Henri Salo
  - Re: [FD] LiteCart 1.3.2: Multiple XSS, Curesec Research Team (CRT)
[FD] AlegroCart 1.2.8: LFI/RFI, Curesec Research Team (CRT)
[FD] AlegroCart 1.2.8: SQL Injection, Curesec Research Team (CRT)
[FD] Call For Papers - BSidesCharm (Baltimore, MD), Brian Baskin
[FD] Defense in depth -- the Microsoft way (part 36): CWE-428 or fun with unquoted paths, Stefan Kanthak
[FD] Port Scan v2.0 iOS - Command Inject Vulnerability, Vulnerability Lab
[FD] LAN Scan HD v1.20 iOS - Command Inject Vulnerability, Vulnerability Lab
[FD] Magento Bug Bounty #22 - (Profile) Persistent Vulnerability, Vulnerability Lab
[FD] Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities, Vulnerability Lab
[FD] LineNity WP Premium Theme - File Include Vulnerability, Vulnerability Lab
[FD] Murgent CMS - SQL Injection Vulnerability, Vulnerability Lab
[FD] Free WMA MP3 Converter - Buffer Overflow Exploit (SEH), Vulnerability Lab
[FD] Google AOSP Email App HTML Injection, Cláudio André
[FD] CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability, Matthew Flanagan
[FD] zTree v3 Security Advisory - XSS Vulnerability - CVE-2015-7348, Onur Yilmaz
[FD] Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability, Vulnerability Lab
[FD] LinkedIn - Persistent Cross-Site Scripting vulnerability(XSS), Rohit Dua
[FD] [CFP] No Big Thing Conference #2 San Francisco, December 5 2015, Jonathan Brossard
[FD] Cambium ePMP 1000 - Multiple Vulnerabilities, Karn Ganeshen
[FD] Qualsoft Systems - (AddNewsDetails.php) Auth ByPass Vulnerability, ZoRLu Bugrahan
[FD] List of Bug Bounty Programs INTERNATIONAL 427+ OFFICIAL - Bug Bounty Sheet, Vulnerability Lab
[FD] CVE-2015-8300: Polycom BToE Connector v2.3.0 Privilege Escalation Vulnerability, SBA Research Advisory
[FD] : CVE-2015-8299 RCE Vulnerability in the KNX management software ETS, SBA Research Advisory
[FD] : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin, SBA Research Advisory
[FD] Cross Site Scripting (XSS) 0day in SimpleViewer all versions, bugbasher
[FD] Leak information on Huawei HG253s v2, Comtrend VG 8050 and ADB P.DGA4001N (HomeStation), Daniel Díez
[FD] [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE, ERPScan inc
[FD] [ERPSCAN-15-019] SAP Afaria - Stored XSS, ERPScan inc
[FD] [ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import, ERPScan inc
[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS), Manuel Mancera
[FD] CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability, Vulnerability Lab
[FD] Google Translator affected by Cross-Site Scripting vulnerability, Francisco Javier Santiago Vázquez
- Re: [FD] Google Translator affected by Cross-Site Scripting vulnerability, Gynvael Coldwind
[FD] [CVE-2015-6942] CoreMail XT3.0 Stored XSS, shack.li
[FD] Mitigations for "carpet bombing" alias "directory poisoning" attacks against executable installers, Stefan Kanthak
[FD] PRTG Network Monitor Tool – Multiple Cross-Site Scripting Vulnerability, Sachin Wagh
[FD] BlackArch Linux: New ISOs and Guide released, Black Arch
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS), Manuel Mancera

Mail converted by MHonArc