full-disclosure

Messages by Date

2014/03/13 [Full-disclosure] [ MDVSA-2014:057 ] mediawiki security
2014/03/13 [Full-disclosure] Capstone disassembly framework 2.1.1 released! Nguyen Anh Quynh
2014/03/13 [Full-disclosure] [ MDVSA-2014:056 ] apache-commons-fileupload security
2014/03/13 Re: [Full-disclosure] Medium severity flaw in BlackBerry QNX Neutrino RTOS Tim Brown
2014/03/13 [Full-disclosure] Google vulnerabilities with PoC Nicholas Lemonias.
2014/03/13 [Full-disclosure] BSides Connecticut - Call for Speakers William Reyor
2014/03/13 Re: [Full-disclosure] OT What is happening with bitcoins? Mark M. Jaycox (EFF)
2014/03/13 [Full-disclosure] PowerArchiver: Uses insecure legacy PKZIP encryption when AES is selected (CVE-2014-2319) Hanno Böck
2014/03/13 [Full-disclosure] Byte CMS Cross Site Scripting Vulnerabilities Project Zero Labs
2014/03/13 [Full-disclosure] [SECURITY] [DSA 2877-1] lighttpd security update Michael Gilbert
2014/03/13 [Full-disclosure] [ MDVSA-2014:055 ] owncloud security
2014/03/13 [Full-disclosure] [ MDVSA-2014:054 ] otrs security
2014/03/13 [Full-disclosure] [ MDVSA-2014:053 ] libssh security
2014/03/13 [Full-disclosure] [ MDVSA-2014:052 ] net-snmp security
2014/03/13 [Full-disclosure] [ MDVSA-2014:051 ] file security
2014/03/13 [Full-disclosure] QUANTUMSQUIRREL - attrition.org unmasked as NSA TAO OP coderman
2014/03/12 [Full-disclosure] [Security-news] SA-CONTRIB-2014-031 - Webform Template - Access Bypass security-news
2014/03/12 [Full-disclosure] Multiplus XSS in Proxmox Mail Gateway 3.1 (CVE-2014-2325) William Costa
2014/03/12 [Full-disclosure] [Security-news] SA-CONTRIB-2014-030 - SexyBookmarks - Information Disclosure security-news
2014/03/12 [Full-disclosure] [SECURITY] [DSA 2876-1] cups security update Moritz Muehlenhoff
2014/03/12 [Full-disclosure] [SECURITY] [DSA 2875-1] cups-filters security update Moritz Muehlenhoff
2014/03/12 [Full-disclosure] [SECURITY] [DSA 2874-1] mutt security update Moritz Muehlenhoff
2014/03/12 [Full-disclosure] Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Larry W. Cashdollar
2014/03/12 [Full-disclosure] CVE-2014-1686 -- Information disclosure: webserver source path in Mediawiki 1.18.0 alejandr0.w3b.p0wn3r
2014/03/12 [Full-disclosure] CVE-2014-1222 - Local File Inclusion in Vtiger CRM Portcullis Advisories
2014/03/12 [Full-disclosure] CVE-2014-2043 - SQL Injection in Procentia IntelliPen Portcullis Advisories
2014/03/12 [Full-disclosure] CVE-2014-1904 XSS when using Spring MVC Pivotal Security Team
2014/03/12 [Full-disclosure] CVE-2014-0097 Spring Security Blank password may bypass user authentication Pivotal Security Team
2014/03/12 [Full-disclosure] CVE-2014-0054 Spring MVC Incomplete fix for CVE-2013-4152 / CVE-2013-6429 (XXE) Pivotal Security Team
2014/03/12 [Full-disclosure] Medium severity flaw in BlackBerry QNX Neutrino RTOS Tim Brown
2014/03/11 [Full-disclosure] NEW VMSA-2014-0002 VMware vSphere updates to third party libraries "VMware Security Response Center"
2014/03/11 [Full-disclosure] [SECURITY] [DSA 2873-1] file security update Salvatore Bonaccorso
2014/03/11 [Full-disclosure] CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities CORE Advisories Team
2014/03/11 Re: [Full-disclosure] OT What is happening with bitcoins? Ron Scott-Adams
2014/03/11 Re: [Full-disclosure] Passwords Analyser Tool Daniel Wood
2014/03/11 [Full-disclosure] [CVE-2013-6835] - iOS 7.0.6 Safari/Facetime-Audio Privacy issue Guillaume Ross
2014/03/11 [Full-disclosure] Apple TV log file password disclosure David Schuetz
2014/03/11 [Full-disclosure] Passwords Analyser Tool Nahuel Grisolia
2014/03/11 Re: [Full-disclosure] OT What is happening with bitcoins? Julius Kivimäki
2014/03/11 [Full-disclosure] NotSoSecure CTF [April 18th to 20th 2014] Sumit Siddharth
2014/03/11 [Full-disclosure] Hackito Ergo Sum 2014 CFP Alexandre De Oliveira
2014/03/10 [Full-disclosure] AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling Asterisk Security Team
2014/03/10 [Full-disclosure] AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers Asterisk Security Team
2014/03/10 [Full-disclosure] AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver Asterisk Security Team
2014/03/10 [Full-disclosure] AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers. Asterisk Security Team
2014/03/10 Re: [Full-disclosure] OT What is happening with bitcoins? chedder
2014/03/10 [Full-disclosure] [ MDVSA-2014:050 ] wireshark security
2014/03/10 [Full-disclosure] [SECURITY] [DSA 2872-1] udisks security update Moritz Muehlenhoff
2014/03/10 [Full-disclosure] [SECURITY] [DSA 2871-1] wireshark security update Moritz Muehlenhoff
2014/03/10 [Full-disclosure] [ MDVSA-2014:049 ] subversion security
2014/03/10 [Full-disclosure] [ MDVSA-2014:048 ] gnutls security
2014/03/10 [Full-disclosure] List Charter John Cartwright
2014/03/10 Re: [Full-disclosure] OT What is happening with bitcoins? Meaux, Kirk
2014/03/10 [Full-disclosure] OXATIS 'EMSJ' Cross Site Scripting Vulnerability HTTPCS
2014/03/10 [Full-disclosure] [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability HTTPCS
2014/03/10 Re: [Full-disclosure] Hacking in Schools coderman
2014/03/10 Re: [Full-disclosure] OT What is happening with bitcoins? coderman
2014/03/09 Re: [Full-disclosure] SQL injection in MODX Brandon Perry
2014/03/08 Re: [Full-disclosure] MODX SQLi from oss-sec Brandon Perry
2014/03/08 Re: [Full-disclosure] MODX SQLi from oss-sec Brandon Perry
2014/03/08 [Full-disclosure] MODX SQLi from oss-sec Brandon Perry
2014/03/08 [Full-disclosure] [SECURITY] [DSA 2870-1] libyaml-libyaml-perl security update Salvatore Bonaccorso
2014/03/08 Re: [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #3 XSS on de-mg42.mail.yahoo.com Stefan Schurtz
2014/03/08 [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #4 #5 #6 Cross-site Scripting vulnerabilities Stefan Schurtz
2014/03/08 [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #3 XSS on de-mg42.mail.yahoo.com Stefan Schurtz
2014/03/08 [Full-disclosure] Yahoo Bug Bounty Program Vulnerability #1 XSS on ads.yahoo.com Stefan Schurtz
2014/03/07 Re: [Full-disclosure] Garage4Hackers Ranchoddas Series - Part 2 on Reverse Engineering - Free Webinar Sandeep Kamble
2014/03/07 Re: [Full-disclosure] OT What is happening with bitcoins? Pedro Worcel
2014/03/07 [Full-disclosure] DAVOSET v.1.1.8 MustLive
2014/03/07 [Full-disclosure] Garage4Hackers Ranchoddas Series - Part 2 on Reverse Engineering - Free Webinar Sandeep Kamble
2014/03/07 [Full-disclosure] SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot SEC Consult Vulnerability Lab
2014/03/06 Re: [Full-disclosure] Rails and redirections Brandon Perry
2014/03/06 Re: [Full-disclosure] Rails and redirections Brandon Perry
2014/03/06 Re: [Full-disclosure] Rails and redirections Timothy Goddard
2014/03/06 Re: [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart
2014/03/06 [Full-disclosure] Live PoC - Confirming completion of arbitrary file uploads to You Tube's Servers Nicholas Lemonias.
2014/03/06 [Full-disclosure] XSS in url for access of Confirmation Required in box for antispam from company AKER (CVE-2013-6037) William Costa
2014/03/06 Re: [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix Tim
2014/03/06 [Full-disclosure] Rails and redirections Brandon Perry
2014/03/06 Re: [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix Tim
2014/03/06 Re: [Full-disclosure] OT What is happening with bitcoins? Brandon Perry
2014/03/06 [Full-disclosure] OT What is happening with bitcoins? Georgi Guninski
2014/03/06 [Full-disclosure] CVE-2014-2044 - Remote Code Execution in ownCloud Portcullis Advisories
2014/03/06 [Full-disclosure] [ANN] Struts 2.3.16.1 GA release available - security fix Lukasz Lenart
2014/03/06 Re: [Full-disclosure] Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability Brian M. Waters
2014/03/06 [Full-disclosure] SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability Vulnerability Lab
2014/03/05 Re: [Full-disclosure] [OT] pls ignore Gaurang Pandya
2014/03/05 [Full-disclosure] [Security-news] SA-CONTRIB-2014-027 - NewsFlash Theme - XSS security-news
2014/03/05 [Full-disclosure] [Security-news] SA-CONTRIB-2014-028 - Masquerade - Access bypass security-news
2014/03/05 [Full-disclosure] [Security-news] SA-CONTRIB-2014-029 - Mime Mail - Access Bypass security-news
2014/03/05 [Full-disclosure] [CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure Gustavo Speranza
2014/03/05 [Full-disclosure] Tool Release: nsdtool - netgear switch discovery Curesec Research Team
2014/03/05 [Full-disclosure] Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability Cisco Systems Product Security Incident Response Team
2014/03/05 [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team
2014/03/05 [Full-disclosure] Capstone disassembly framework 2.1 released! Nguyen Anh Quynh
2014/03/05 [Full-disclosure] Google's (YouTube) Arbitrary File Upload Vulnerability Report with PoC Nicholas Lemonias.
2014/03/05 [Full-disclosure] CVE-2014-1599 - 39 Type-1 XSS in SFR ADSL/Fiber Box alejandr0.w3b.p0wn3r
2014/03/05 [Full-disclosure] [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation Ian Clelland
2014/03/05 [Full-disclosure] [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults Ian Clelland
2014/03/04 [Full-disclosure] [Call for Presenters] Security BSides Las Vegas BSidesLV Info
2014/03/04 [Full-disclosure] Netvolution CMS 3 SQL injection Project Zero Labs
2014/03/04 [Full-disclosure] [CFP] Hack In Paris 2014 CFP is postponed to March 10 Damien Cauquil
2014/03/04 [Full-disclosure] Google Inc., (Youtube.com) Unrestricted File Upload Vulnerability. Nicholas Lemonias.
2014/03/04 [Full-disclosure] [CVE-2014-0334] XSS in CMS made simple, plus other security issues Pedro Ribeiro
2014/03/04 [Full-disclosure] [SECURITY] [DSA 2869-1] gnutls26 security update Yves-Alexis Perez
2014/03/04 [Full-disclosure] [Announce] Apache Shiro 1.2.3 Released - Security Advisory Brian Demers
2014/03/03 [Full-disclosure] CVE-2014-2238 -- MantisBT aux mod Brandon Perry
2014/03/03 [Full-disclosure] CSRF in WordPress plugin Google Analytics MU 2.3 Harry Metcalfe
2014/03/02 [Full-disclosure] [SECURITY] [DSA 2868-1] php5 security update Salvatore Bonaccorso
2014/03/02 [Full-disclosure] [CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution Julien Ahrens
2014/03/01 [Full-disclosure] [CVE-2013-6234] XSS File Upload in SpagoBI v4.0 Christian Catalano
2014/03/01 [Full-disclosure] [CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 Christian Catalano
2014/03/01 [Full-disclosure] [CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 Christian Catalano
2014/03/01 [Full-disclosure] CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] [CVE-2013-6231] Remote Privilege Escalation in SpagoBI v4.0 Christian Catalano
2014/03/01 Re: [Full-disclosure] CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories
2014/03/01 Re: [Full-disclosure] CVE-2014-5880 - Authentication Bypass in Oracle Demantra Portcullis Advisories
2014/03/01 Re: [Full-disclosure] CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-0372 - SQL Injection in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-0379 - Stored Cross-site Scripting in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-0371 - Reflective XSS in Oracle Demantra Portcullis Advisories
2014/03/01 Re: [Full-disclosure] CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Arron Dowdeswell
2014/03/01 Re: [Full-disclosure] CVE-2014-5880 - Authentication Bypass in Oracle Demantra Arron Dowdeswell
2014/03/01 Re: [Full-disclosure] CVE-2014-5877 - Local File Inclusion in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-5795 - Database Credentials Leak in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-5880 - Authentication Bypass in Oracle Demantra Portcullis Advisories
2014/03/01 [Full-disclosure] CVE-2014-1216 - Remote Command Execution in Fitnesse Wiki Portcullis Advisories
2014/03/01 [Full-disclosure] [ANNOUNCE] CVE-2014-0002 and CVE-2014-0003 - Apache Camel critical disclosure vulnerability Christian Mueller
2014/02/28 [Full-disclosure] Microsoft Office 365 Outlook - Filter Bypass & Persistent Editor Vulnerability Vulnerability Lab
2014/02/28 [Full-disclosure] Whonix Anonymous Operating System Version 8 Released! Patrick Schleizer
2014/02/28 [Full-disclosure] SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server SEC Consult Vulnerability Lab
2014/02/28 [Full-disclosure] SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch SEC Consult Vulnerability Lab
2014/02/27 [Full-disclosure] Web App Sec: (AT&T Corporation) former American Telecommunication & Telegraph Vulnerabilities (Cross-Site Scripting / OWASP Top 10) Nicholas Lemonias.
2014/02/27 [Full-disclosure] Update: CVE-2014-0053 Information Disclosure when using Grails Pivotal Security Team
2014/02/27 [Full-disclosure] Telekom Bug Bounty #12 - File Include Web Vulnerability Vulnerability Lab
2014/02/27 [Full-disclosure] Bluetooth Photo Share Pro v2.0 iOS - Multiple Vulnerabilities Vulnerability Lab
2014/02/27 [Full-disclosure] SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) SEC Consult Vulnerability Lab
2014/02/26 [Full-disclosure] Barracuda Networks Backup Appliance Application - Persistent Web Vulnerability Vulnerability Lab
2014/02/26 [Full-disclosure] [Security-news] SA-CONTRIB-2014-026 - Mime Mail - Access bypass security-news
2014/02/26 Re: [Full-disclosure] Hacking in Schools Sanguinarious Rose
2014/02/26 Re: [Full-disclosure] Hacking in Schools Dan Ballance
2014/02/26 [Full-disclosure] British Sky Broadcasting Corporation - Web App vulnerabilities (XSS) Nicholas Lemonias.
2014/02/26 Re: [Full-disclosure] Hacking in Schools Paul Ammann
2014/02/26 [Full-disclosure] Microsoft DNS server unwitting DDoS contributor Pedro Luis Karrasquillo
2014/02/26 [Full-disclosure] [Security-news] SA-CONTRIB-2014-024 - Content Lock - CSRF security-news
2014/02/26 [Full-disclosure] [Security-news] SA-CONTRIB-2014-025 - Open Omega - Access Bypass security-news
2014/02/26 [Full-disclosure] [Security-news] SA-CONTRIB-2014-023 - Project Issue File Review - XSS security-news
2014/02/26 [Full-disclosure] Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability Cisco Systems Product Security Incident Response Team
2014/02/26 [Full-disclosure] Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability Vulnerability Lab
2014/02/25 Re: [Full-disclosure] Hacking in Schools Benji
2014/02/25 Re: [Full-disclosure] Hacking in Schools Hinky Dink
2014/02/25 Re: [Full-disclosure] Hacking in Schools Brandon Perry
2014/02/25 [Full-disclosure] Multiple vulnerabilities in Joomla-Base MustLive
2014/02/25 [Full-disclosure] Hacking in Schools Pete Herzog
2014/02/25 Re: [Full-disclosure] MS 2k8 DNS server trivial DDoS contributor Georgi Guninski
2014/02/25 [Full-disclosure] MS 2k8 DNS server trivial DDoS contributor Pedro Luis Karrasquillo
2014/02/25 [Full-disclosure] [RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard RedTeam Pentesting GmbH
2014/02/25 [Full-disclosure] Private Camera Pro v5.0 iOS - Multiple Web Vulnerabilities Vulnerability Lab
2014/02/25 [Full-disclosure] Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities Vulnerability Lab
2014/02/25 [Full-disclosure] [SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications Mark Thomas
2014/02/25 [Full-disclosure] [SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure) Mark Thomas
2014/02/25 [Full-disclosure] [SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service) Mark Thomas
2014/02/25 [Full-disclosure] [SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled Mark Thomas
2014/02/24 Re: [Full-disclosure] Freepbx 2.x , Command Execution vuln Rob Thomas
2014/02/24 [Full-disclosure] WiFiles HD v1.3 iOS - File Include Web Vulnerability Vulnerability Lab
2014/02/24 [Full-disclosure] JORJWEB Ltda (all versions) - SQL Injection Vulnerability Vulnerability Lab
2014/02/24 [Full-disclosure] Barracuda Networks Bug Bounty #35 - Persistent Web Vulnerability Vulnerability Lab
2014/02/24 [Full-disclosure] Freepbx 2.x , Command Execution vuln 0u7 5m4r7
2014/02/24 Re: [Full-disclosure] [OT] pls ignore Gynvael Coldwind
2014/02/24 Re: [Full-disclosure] [SECURITY] [DSA 2867-1] otrs2 security update Milan Berger
2014/02/23 [Full-disclosure] Persistent XSS in Media File Renamer V1.7.0 wordpress plugin Larry W. Cashdollar
2014/02/23 [Full-disclosure] [SECURITY] [DSA 2867-1] otrs2 security update Salvatore Bonaccorso
2014/02/23 [Full-disclosure] Multiple vulnerabilities in JoomLeague for Joomla MustLive
2014/02/23 Re: [Full-disclosure] [OT] pls ignore Michal Zalewski
2014/02/23 Re: [Full-disclosure] [OT] pls ignore Rick Olson
2014/02/22 Re: [Full-disclosure] Apple SSL fail Reed Black
2014/02/22 [Full-disclosure] Apple SSL fail imipak
2014/02/22 [Full-disclosure] [SECURITY] [DSA 2866-1] gnutls26 security update Salvatore Bonaccorso
2014/02/22 [Full-disclosure] temporary file creation vulnerability in Redis Matthew Hall
2014/02/22 Re: [Full-disclosure] [OT] pls ignore Trevor Bergeron
2014/02/22 [Full-disclosure] ASUS router drive-by code execution via XSS and authentication bypass Harry Sintonen
2014/02/22 [Full-disclosure] CVE-2014-1223 - Cross-site Scripting in Telligent Evolution Portcullis Advisories
2014/02/21 Re: [Full-disclosure] DoS via tables corruption in WordPress MustLive
2014/02/21 [Full-disclosure] Google XXE Vulnerability Mark Litchfield
2014/02/21 [Full-disclosure] [ MDVSA-2014:047 ] postgresql security
2014/02/21 [Full-disclosure] 44CON 2014 September 11th - 12th CFP Steve
2014/02/21 [Full-disclosure] CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability Vulnerability Lab
2014/02/21 [Full-disclosure] [ MDVSA-2014:046 ] phpmyadmin security
2014/02/21 [Full-disclosure] Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability Vulnerability Lab
2014/02/21 [Full-disclosure] DC4420 meeting Tuesday, 25th February 2014 Tony Naggs
2014/02/21 Re: [Full-disclosure] [OT] pls ignore Pedro Worcel
2014/02/20 [Full-disclosure] [OT] pls ignore Gaurang Pandya
2014/02/20 [Full-disclosure] [SECURITY] [DSA 2865-1] postgresql-9.1 security update Moritz Muehlenhoff
2014/02/20 [Full-disclosure] [SECURITY] [DSA 2864-1] postgresql-8.4 security update Moritz Muehlenhoff
2014/02/20 Re: [Full-disclosure] RC Trojan 1.1d (Undetected) ICSS Security
2014/02/20 [Full-disclosure] [ MDVSA-2014:045 ] libtar security
2014/02/20 [Full-disclosure] Barracuda Bug Bounty #30 Firewall - Multiple Persistent Web Vulnerabilities Vulnerability Lab
2014/02/20 Re: [Full-disclosure] A question for the list - WordPress plugin inspections Jerome Athias
2014/02/20 [Full-disclosure] [CVE-2014-2027] PHP objection insertion / arbitrary file deletion / possible RCE in egroupware <= 1.8.005 Pedro Ribeiro
2014/02/20 Re: [Full-disclosure] A question for the list - WordPress plugin inspections Harry Metcalfe