Cross-Site Scripting in Calendar WordPress Plugin
Remco Vermeulen, July 2016
Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress
Plugin
Burak Kelebek, October 2016
Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin
Yorick Koster, July 2016
Overview
* Title : Cross Site Scripting Vulnerability In Verint Impact 360
* Author: Sanehdeep Singh
* Plugin Homepage: http://www.verint.com
* Severity: Medium
* Version Affected: 11.1
* Version patched: Patches available. Contact Vendor
Description
===
About the Product
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3707-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2016
tl;dr
A stack bof in several Dlink routers, which can be exploited by an
unauthenticated attacker in the LAN. There is no patch as Dlink did not
respond to CERT's requests. As usual, a Metasploit module is in the
queue (see [9] below) and should hopefully be integrated soon.
The interesting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05325836
Version: 1
HPSBGN03643 rev.1 - HPE
Document Title:
===
Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1931
Release Date:
=
2016-11-07
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Edusson (Robotdon) BB - Client Side Cross Site Scripting Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1871
Release Date:
=
2016-11-04
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1870
Release Date:
=
2016-11-03
Vulnerability Laboratory ID (VL-ID):
Cross-Site Scripting in Faraznet Cms Version 4.x
###
# Faraznet Cms Cross-Site Scripting Vulnerability
###
#
# Iranian Exploit DataBase And Security Team - iedb.ir
# Title : Faraznet Cms Cross-Site Scripting
Cross-Site Scripting in Faraznet Cms Version 4.x
###
# Faraznet Cms Cross-Site Scripting Vulnerability
###
#
# Iranian Exploit DataBase And Security Team - iedb.ir
# Title : Faraznet Cms Cross-Site Scripting
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt
[+] ISR: Apparition Security
Vendor:
www.labf.com
Product:
WinaXe v7.7 FTP
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt
[+] ISR: ApparitionSec
Vendor:
www.labf.com
Product:
=
Axessh 4.2.2
Axessh is a SSH client. It is
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/RAPID-PHP-EDITOR-REMOTE-CMD-EXEC.txt
[+] ISR: Apparition Security
Vendor:
==
www.rapidphpeditor.com
Product:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325823
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05325823
Version: 1
HPSBGN03656 rev.1 - HPE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325811
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05325811
Version: 1
HPSBGN03657 rev.1 - HPE
17 matches
Mail list logo