Wordpress Booking System (Booking Calendar) plugin SQL Injection

2014-05-21 Thread info sec
# Exploit Title: Wordpress Booking System (Booking Calendar) plugin SQL Injection # Release Date: 2014-05-21 # Author: maodun # Contact: Twitter: @conmancm # Software Link: http://wordpress.org/support/plugin/booking-system # Affected version: < 1.3 # Google Dork: inurl:/wp-content/plugins/booking-

Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe

2014-05-21 Thread Stefan Kanthak
Hi @ll, several programs of the current Windows 7 driver software for the "HP OfficeJet 6700" multifunction device execute a rogue program C:\Program.exe The evidence (an excerpt from the SAFER log, cf. or

APPLE-SA-2014-15-20-1 OS X Server 3.1.2

2014-05-21 Thread Apple Product Security
APPLE-SA-2014-15-20-1 OS X Server 3.1.2 OS X Server 3.1.2 is now available and addresses the following: Ruby Available for: OS X Mavericks 10.9.3 or later Impact: Running a Ruby script that uses untrusted input to create a Float object may lead to

CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS

2014-05-21 Thread Portcullis Advisories
Vulnerability title: Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE: CVE-2014-3446 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The following URL and parameters have been confirmed to suffer from Blind SQL i

CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS

2014-05-21 Thread Portcullis Advisories
Vulnerability title: Remote Denial Of Service in BSS Continuity CMS CVE: CVE-2014-3447 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: By repeatedly calling node enumeration script, a remote unauthenticated attacker can over

CVE-2014-3450 - Privilege Escalation in Panda Security

2014-05-21 Thread Portcullis Advisories
Vulnerability title: Privilege Escalation in Panda Security CVE: CVE-2014-3450 Vendor: Panda Product: Security Affected version: See below Fixed version: See below Reported by: Kyriakos Economou Details: All users of the following (and possibly earlier) versions of Panda security products for Win

CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS

2014-05-21 Thread Portcullis Advisories
Vulnerability title: Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS CVE: CVE-2014-3448 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: The ASPX executable which is responsible for handling file u