/tmp race condition in IBM Installation Manager V1.8.1 install script

2015-11-14 Thread larry0
Title: /tmp race condition in IBM Installation Manager V1.8.1 install script Author: Larry W. Cashdollar, @_larry0 Date: 2015-10-29 Download Site: http://www-03.ibm.com/software/products/en/appserv-wasfordev Vendor: IBM Vendor Notified: -00-00 Vendor Contact: Description: IBM Installation

[SECURITY] [DSA 3208-2] freexl regression update

2015-11-14 Thread Salvatore Bonaccorso
Debian Security Advisory DSA-3208-2 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 14, 2015

CF Image Host XSS

2015-11-14 Thread apparitionsec
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-XSS.txt Vendor: codefuture.co.uk/projects/imagehost Product: CF Image Host 1.65 -

CF Image Host PHP Command Injection

2015-11-14 Thread apparitionsec
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-PHP-CMD-INJECTION.txt Vendor: codefuture.co.uk/projects/imagehost Product: CF Image

Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L

2015-11-14 Thread samhuntley84
## Advisory Information Title: SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L Vendors contacted: William Brown (Dlink) Release mode: Released CVE: None Note: All these security issues have been discussed with the vendor and

[slackware-security] seamonkey (SSA:2015-318-01)

2015-11-14 Thread Slackware Security Team
[slackware-security] seamonkey (SSA:2015-318-01) New seamonkey packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog:

PHP Address Book SQL Injection Vulnerability

2015-11-14 Thread Rahul Pratap Singh
## Full Disclosure #Exploit Title : PHP Address Book SQL Injection Vulnerability #Exploit Author : Rahul Pratap Singh #Date : 14/Nov/2015 #Home Page Link : http://sourceforge.net/projects/php-addressbook/ #Blog Url : 0x62626262.wordpress.com #Linkedin

CF Image Host CSRF

2015-11-14 Thread apparitionsec
[+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-CFIMAGEHOST-CSRF.txt Vendor: codefuture.co.uk/projects/imagehost Product: CF Image Host 1.65 -

Dlink DIR-866L Buffer overflows in HNAP and send email functionalities

2015-11-14 Thread samhuntley84
## Advisory Information Title: DIR-866L Buffer overflows in HNAP and send email functionalities Vendors contacted: William Brown, Patrick Cline patrick.cl...@dlink.com (Dlink) CVE: None Note: All these security issues have been discussed with the vendor and vendor

D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability

2015-11-14 Thread bhadresh . patel
Title: D-link wireless router DIR-816L – Cross-Site Request Forgery (CSRF) vulnerability Credit: Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com CVE: CVE-2015-5999 Date: 10-11-2015 (dd/mm/) Vendor: D-Link is a computer