Vulnerability ID: HTB22939
Reference:
http://www.htbridge.ch/advisory/multiple_sql_injection_in_universal_post_manager_wordpress_plugin.html
Product: Universal Post Manager wordpress plugin
Vendor: ProfProjects ( Artyom Chakhoyan ) ( http://www.profprojects.com/ )
Vulnerable Version: 1.0.9
Vendor
Vulnerability ID: HTB22932
Reference: http://www.htbridge.ch/advisory/multiple_xss_in_webspell.html
Product: webSPELL
Vendor: http://www.webspell.org/ ( http://www.webspell.org/ )
Vulnerable Version: 4.2.2a
Vendor Notification: 05 April 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk lev
Vulnerability ID: HTB22934
Reference:
http://www.htbridge.ch/advisory/sql_injection_in_wp_starsratebox_wordpress_plugin.html
Product: WP-StarsRateBox wordpress plugin
Vendor: www.starsrate.com ( www.starsrate.com )
Vulnerable Version: 1.1
Vendor Notification: 05 April 2011
Vulnerability Type: S
Vulnerability ID: HTB22935
Reference:
http://www.htbridge.ch/advisory/multiple_xss_in_wp_starsratebox_wordpress_plugin.html
Product: WP-StarsRateBox wordpress plugin
Vendor: www.starsrate.com ( www.starsrate.com )
Vulnerable Version: 1.1
Vendor Notification: 05 April 2011
Vulnerability Type: XS
[DCA-2011-0011]
[Discussion]
- DcLabs Security Research Group advises about following vulnerability(ies):
[Software]
- Ocomon
[Vendor Product Description]
- The OCOMON came in March 2002 as a personal project of programmer
Franque Custodio, with the initial characteristics
of the registration, m
ClubHACK Magazine is seeking submissions for the next issue, i.e. the May 2011
issue. If you have something interesting and would like to share, please send
in your articles to abhij...@clubhack.com
The topic/theme for the May issue is Browser Security.
It has 6 sections:
1.Tech Gyan - Main ar
Vulnerability ID: HTB22940
Reference:
http://www.htbridge.ch/advisory/xss_in_socialgrid_wordpress_plugin.html
Product: SocialGrid wordpress plugin
Vendor: Michael Whalen ( http://whalesalad.com )
Vulnerable Version: 2.3
Vendor Notification: 05 April 2011
Vulnerability Type: XSS (Cross Site Scrip
ZDI-11-136 (formerly ZDI-CAN-1022): IBM Tivoli Directory Server ibmslapd.exe
SASL Bind Request Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-136
April 18, 2011
-- CVE ID:
CVE-2011-1206
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Vulnerability ID: HTB22931
Reference:
http://www.htbridge.ch/advisory/xss_vulnerability_in_interra_blog_machine.html
Product: InTerra Blog Machine
Vendor: InTerra Blog Machine Team ( http://code.google.com/p/interra/ )
Vulnerable Version: 1.84 and probably prior versions
Vendor Notification: 31 M
Vulnerability ID: HTB22933
Reference:
http://www.htbridge.ch/advisory/multiple_path_disclosure_in_webspell.html
Product: webSPELL
Vendor: http://www.webspell.org/ ( http://www.webspell.org/ )
Vulnerable Version: 4.2.2a
Vendor Notification: 05 April 2011
Vulnerability Type: Path disclosure
Risk l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2219-1 secur...@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
April 18,
Abstract
In 2009 we examined the effects of manipulating synchronization
objects in security software suites frequently found on personal
computers running Windows XP and Vista. The synchronization objects
were mutexes and events, and the security software included products
from AVG, Avast, Avira,
==
Ubuntu Security Notice USN-1114-1
April 18, 2011
kdenetwork vulnerability
==
A security issue affects these releases of Ubuntu and its derivatives:
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02788734
Version: 1
HPSBMA02659 SSRT100440 rev.1 - HP Network Node Manager i (NNMi) for HP-UX,
Linux, Solaris, and Windows, Remote Unauthorized Access
NOTICE: The information in this Security
Vulnerability ID: HTB22942
Reference: http://www.htbridge.ch/advisory/path_disclousure_in_dalbum.html
Product: Dalbum
Vendor: http://www.dalbum.org/ ( http://www.dalbum.org/ )
Vulnerable Version: 1.43
Vendor Notification: 05 April 2011
Vulnerability Type: Path disclosure
Risk level: Low
Credit:
Vulnerability ID: HTB22943
Reference: http://www.htbridge.ch/advisory/xss_in_dalbum.html
Product: Dalbum
Vendor: http://www.dalbum.org/ ( http://www.dalbum.org/ )
Vulnerable Version: 1.43
Vendor Notification: 05 April 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit:
Vulnerability ID: HTB22937
Reference:
http://www.htbridge.ch/advisory/path_disclosure_in_universal_post_manager_wordpress_plugin.html
Product: Universal Post Manager wordpress plugin
Vendor: ProfProjects ( Artyom Chakhoyan ) ( http://www.profprojects.com/ )
Vulnerable Version: 1.0.9
Vendor Notifi
Nice try.. republishing old findings again?
On Thu, 30 Dec 2010, advis...@htbridge.ch wrote:
: Vulnerability ID: HTB22750
: Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy.html
: Product: LightNEasy
: The vulnerability exists due to failure in the "/LightNEasy.php" script
Not only was this previously discovered, you don't seem to understand the
variables:
On Thu, 30 Dec 2010, advis...@htbridge.ch wrote:
: Vulnerability ID: HTB22754
: Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy_1.html
: Product: LightNEasy
:
: Vulnerability Details:
:
Vulnerability ID: HTB22938
Reference:
http://www.htbridge.ch/advisory/multiple_xss_in_universal_post_manager_wordpress_plugin.html
Product: Universal Post Manager wordpress plugin
Vendor: ProfProjects ( Artyom Chakhoyan ) ( http://www.profprojects.com/ )
Vulnerable Version: 1.0.9
Vendor Notificat
20 matches