Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities

2014-02-25 Thread Vulnerability Lab
st.localhost:6221/cgi-mod/index.cgi?auth_type=Local&et=1378382541&locale=en_US&password=05e76e9aff6e382822aeb21d3903bcde&realm=&role=&user=guest&primary_tab=FIREWALL&secondary_tab=firewall_access_rules Solution - Fix & Patch: === The vulnerability can be patched

Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability

2014-02-26 Thread Vulnerability Lab
veloper Team) [Coordination: Eric ** ] Security Risk: == The security risk of the persistent input validation web vulnerabilities is estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Ateeq Khan (at...@evolution-sec.com) [www.vulnerab

Barracuda Networks Backup Appliance Application - Persistent Web Vulnerability

2014-02-27 Thread Vulnerability Lab
Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of m

Microsoft Office 365 Outlook - Filter Bypass & Persistent Editor Vulnerability

2014-03-03 Thread Vulnerability Lab
ty is estimated as medium(+)|(-)high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advi

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability

2014-03-06 Thread Vulnerability Lab
= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or i

Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities

2014-03-20 Thread Vulnerability Lab
formation provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liabl

Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities

2014-03-28 Thread Vulnerability Lab
ability is estimated as high(-). 1.2 The security risk of the arbitrary file upload web vulnerability is estimated as high(+). Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com

My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability

2014-03-28 Thread Vulnerability Lab
lnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranti

ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities

2014-03-28 Thread Vulnerability Lab
-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular

Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities

2014-03-28 Thread Vulnerability Lab
el in the left-hand navigation, then select “Email Security” in the Software Type drop down menu. Security Risk: == The security risk of the persistent and non persistent post inject web vulnerabilities are estimated as medium. Credits & Authors: == Vulnerability Laborat

Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities

2014-03-28 Thread Vulnerability Lab
= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are

iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities

2014-03-28 Thread Vulnerability Lab
its & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. V

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

2014-03-28 Thread Vulnerability Lab
Document Title: === FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1231 Release Date: = 2014-03-20 Vulnerability Laboratory ID (VL-ID):

Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities

2014-03-28 Thread Vulnerability Lab
ation provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case o

ES746 DELL Support-Bulletin - EMS Vulnerability Resolved

2014-03-28 Thread Vulnerability Lab
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not l

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities

2014-03-31 Thread Vulnerability Lab
lution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ========= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability an

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

2014-03-31 Thread Vulnerability Lab
======= Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims

iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities

2014-04-02 Thread Vulnerability Lab
ity Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, eit

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability

2014-04-03 Thread Vulnerability Lab
code injects. Security Risk: == The security risk of the persistent input validation web vulnerability is estimated as medium(+). Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerabilit

Bluetooth Text Chat v1.0 iOS - Code Execution Vulnerability

2014-04-08 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability

2014-04-10 Thread Vulnerability Lab
in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, includi

iVault Private P&V 1.1 iOS - Path Traversal Vulnerability

2014-04-10 Thread Vulnerability Lab
Document Title: === iVault Private P&V 1.1 iOS - Path Traversal Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1253 Release Date: = 2014-04-09 Vulnerability Laboratory ID (VL-ID):

BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability

2014-04-10 Thread Vulnerability Lab
.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue

2014-04-11 Thread Vulnerability Lab
ed:0 }] }; extraBBCodes['c'] = tmpBBCode; sourceCodes['c'] = 'c'; language['c.title'] = "C/C++ Source code"; language['c.attribute1.promptText'] = "wcf.bbcode.c.promptText"; errorField = false

PDF Album v1.7 iOS - File Include Web Vulnerability

2014-04-15 Thread Vulnerability Lab
= The security risk of the local file include web vulnerability in the mobile application is estimated as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Informa

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability

2014-04-23 Thread Vulnerability Lab
high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab

Depot WiFi v1.0.0 iOS - Multiple Web Vulnerabilities

2014-04-25 Thread Vulnerability Lab
m) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and ca

Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability

2014-05-15 Thread Vulnerability Lab
=== Vulnerability Laboratory [Research Team] - Ateeq ur Rehman Khan (at...@evolution-sec.com) (www.vulnerability-lab.com) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab

NG WifiTransfer Pro 1.1 - File Include Vulnerability

2014-06-03 Thread Vulnerability Lab
bility-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnera

Files Desk Pro v1.4 iOS - File Include Web Vulnerability

2014-06-03 Thread Vulnerability Lab
hars for files and foldernames and restrict the user input. Encode and parse also the vulnerable name output value. Security Risk: == The security risk of the local file include web vulnerability in the filename value is estimated as high(-). Credits & Authors: == Vulner

AllReader v1.0 iOS - Multiple Web Vulnerabilities

2014-06-03 Thread Vulnerability Lab
== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability La

Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability

2014-06-03 Thread Vulnerability Lab
- LariX4 (resea...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

TigerCom My Assistant v1.1 iOS - File Include Vulnerability

2014-06-03 Thread Vulnerability Lab
estimated as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vul

Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities

2014-06-03 Thread Vulnerability Lab
tion provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of

iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability

2014-06-03 Thread Vulnerability Lab
= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability

2014-06-18 Thread Vulnerability Lab
Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or i

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities

2014-06-18 Thread Vulnerability Lab
rity Risk: == The security risk of the mail encoding vulnerability in the registration module is estimated as medium with a cvss of 3.9. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vuln

PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability

2014-07-07 Thread Vulnerability Lab
tory [Research Team] - Benjamin Kunz Mejri (b...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or im

Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability

2014-07-07 Thread Vulnerability Lab
ty is estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Ateeq ur Rehman Khan (at...@evolution-sec.com) (www.vulnerability-lab.com) Disclaimer & Information: = The information provided in this advisory is provided as it is

Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability

2014-07-07 Thread Vulnerability Lab
n (at...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

Photo Org WonderApplications v8.3 iOS - File Include Vulnerability

2014-07-07 Thread Vulnerability Lab
include web vulnerability in the filename value is estimated as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information pro

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability

2014-07-10 Thread Vulnerability Lab
of the persistent exception-handling web vulnerability is estimated as high(-). Credits & Authors: == Vulnerability Laboratory [Research Team] - Ateeq ur Rehman Khan (at...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: =====

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability

2014-07-10 Thread Vulnerability Lab
Document Title: === Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1137 Release Date: = 2014-07-08 Vulnerability Laboratory ID (VL-

Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability (BNSEC 703)

2014-07-18 Thread Vulnerability Lab
sk of the application-side input validation web vulnerability is estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: =

Microsoft MSN HBE - Blind SQL Injection Vulnerability

2014-07-18 Thread Vulnerability Lab
..@evolution-sec.com] (@OhTheITGuy) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warrantie

Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability

2014-07-22 Thread Vulnerability Lab
.vulnerability-lab.com) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability an

Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability

2014-07-23 Thread Vulnerability Lab
e: Advanced > Firmware Updates Page http://www.barracuda.com/kb?id=50160013m4O Security Risk: == The security risk of the persistent input validation web vulnerabilities is estimated as medium(+). Credits & Authors: == Vulnerability Laboratory [Research Tea

Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398

2014-07-24 Thread Vulnerability Lab
bility-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for

Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities

2014-07-25 Thread Vulnerability Lab
put validation web vulnerabilities in connection with the input filter bypass are estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ==

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability

2014-07-28 Thread Vulnerability Lab
rity Risk: == The security risk of the client-side cross site scripting web vulnerability is estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Ateeq ur Rehman Khan (at...@evolution-sec.com) [www.vulnerability-lab.com]

WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities

2014-07-30 Thread Vulnerability Lab
i (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties o

Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities

2014-07-30 Thread Vulnerability Lab
Document Title: === Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1103 Barracuda Networks Security ID (BNSEC): BNSE

TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities

2014-08-01 Thread Vulnerability Lab
ulnerability is estimated as critical. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provi

Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability

2014-08-01 Thread Vulnerability Lab
ed as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

2014-08-04 Thread Vulnerability Lab
n is estimated as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities

2014-08-04 Thread Vulnerability Lab
Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either e

Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability

2014-08-05 Thread Vulnerability Lab
jri (b...@evolution-sec.com) [ad...@vulnerability-lab.com] [www.vulnerability-lab.com] Disclaimer & Information: ========= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including

PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability

2014-08-06 Thread Vulnerability Lab
stimated as high. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it i

PhotoSync v2.2 iOS - Command Inject Web Vulnerability

2014-08-06 Thread Vulnerability Lab
r & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerabil

Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities

2014-08-08 Thread Vulnerability Lab
[LOCAL COMMAND INJECT VULNERABILITY!]"> 06.08.14 12:27 Solution - Fix & Patch: === The vulnerabilities can be patched by a sec

Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707)

2014-08-25 Thread Vulnerability Lab
ities are estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provide

Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699)

2014-08-25 Thread Vulnerability Lab
b.com] Disclaimer & Information: ===== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular pu

Avira License Application - Cross Site Request Forgery Vulnerability

2014-09-01 Thread Vulnerability Lab
timated as medium. Credits & Authors: == Mazen Gamal - http://www.vulnerability-lab.com/show.php?user=Mazen%20Gamal Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warra

WWW File Share Pro v7.0 - Denial of Service Vulnerability

2014-09-01 Thread Vulnerability Lab
== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not

Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability

2014-09-02 Thread Vulnerability Lab
is estimated as high(-). Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it i

PhotoSync v2.2 iOS - Command Inject Web Vulnerability

2014-09-11 Thread Vulnerability Lab
r & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerabil

Photorange v1.0 iOS - File Include Web Vulnerability

2014-09-11 Thread Vulnerability Lab
E INCLUDE VULNERABILITY!]%3E.TXT] Content-Type[application/download] Date[Sat, 06 Sep 2014 00:13:00 GMT] Reference(s): Links http://localhost:9900/ http://localhost:9900/Download/ Solution - Fix & Patch: === The vulnerability can be patched by a secure parse and enc

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

2014-09-11 Thread Vulnerability Lab
laimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab o

Briefcase 4.0 iOS - Code Execution & File Include Vulnerability

2014-09-15 Thread Vulnerability Lab
e. Filter and restrict the filename input. Validate the output names in the main item list of the application index. Security Risk: == 1.1 The security risk of the local code execution web vulnerability is estimated as critical. 1.2 The security risk of the local file include web vulne

USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability

2014-09-17 Thread Vulnerability Lab
== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all w

Oracle Corporation MyOracle - Persistent Vulnerability

2014-09-19 Thread Vulnerability Lab
ame input fields in the myoracle application. Encode stored data of user in the dbms when processing to send service notifications by the mail info@oracle email to prevent persistent injection attacks. Security Risk: == The security risk of the persistent mail encoding web vulne

GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability

2014-09-26 Thread Vulnerability Lab
ed in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including

Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities

2014-09-26 Thread Vulnerability Lab
y and developer team. Security Risk: == The security risk of both application-side input validation web vulnerabilities is estimated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.co

Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability

2014-09-26 Thread Vulnerability Lab
erability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a parti

Oracle Corporation MyOracle - Persistent Vulnerability

2014-09-26 Thread Vulnerability Lab
s by the mail info@oracle email to prevent persistent injection attacks. Security Risk: == The security risk of the persistent mail encoding web vulnerability in the myoracle account system web-server is estimated as medium. Credits & Authors: == Vulnerability Laboratory

SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability

2014-09-26 Thread Vulnerability Lab
edin.com/profile/view?id=305567696) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and

PayPal Inc Bug Bounty #59 - Persistent Mail Encoding Vulnerability

2014-10-01 Thread Vulnerability Lab
of 3.5. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any wa

PayPal Inc Bug Bounty #71 PPM - Persistent Filter Vulnerability

2014-10-01 Thread Vulnerability Lab
c.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for

All In One Wordpress Firewall 3.8.3 - Persistent Vulnerability

2014-10-01 Thread Vulnerability Lab
imated as medium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is

BulletProof Security Wordpress v50.8 - POST Inject Vulnerability

2014-10-03 Thread Vulnerability Lab
== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability La

HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability

2014-10-03 Thread Vulnerability Lab
Document Title: === HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1329 Release Date: = 2014-10-02 Vulnerability Laboratory ID (VL-ID): ==

PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability

2014-10-03 Thread Vulnerability Lab
ity Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied,

Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities

2014-10-07 Thread Vulnerability Lab
======== The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are

PayPal Inc Bug Bounty #53 - Multiple Persistent Vulnerabilities

2014-10-07 Thread Vulnerability Lab
issue. Security Risk: == The security risk of the persistent input validation vulnerabilities and filter bypass method are estimated as medium. (CVSS 4.3) Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution

PayPal Inc #86 iOS 4.6 - Validation & Design Vulnerability

2014-10-14 Thread Vulnerability Lab
ium. Credits & Authors: == Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: = The information provided in this advisory is provided as it is without

PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass Vulnerability

2014-10-14 Thread Vulnerability Lab
njamin Kunz Mejri (b...@vulnerability-lab.com) Disclaimer & Information: = The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of mercha

PayPal Inc BB #96 - Persistent Tags Vulnerability

2014-10-14 Thread Vulnerability Lab
sory Information: An independent vulnerability lab researcher discovered a persistent web vulnerability in the official PayPal Inc Community web-application. Vulnerability Disclosure Timeline: 2014-10-08: Public Disclosure (Vulnerabi

PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

2014-10-15 Thread Vulnerability Lab
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warra

PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability

2014-10-15 Thread Vulnerability Lab
warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

2014-10-15 Thread Vulnerability Lab
tion-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantabil

Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

2014-10-15 Thread Vulnerability Lab
. Credits & Authors: Vulnerability Laboratory [Research Team] - Ateeq ur Rehman Khan (at...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any

Files Document & PDF 2.0.2 iOS - Multiple Vulnerabilities

2014-10-21 Thread Vulnerability Lab
1.3 The security risk of the local command inject web vulnerability in the devicename value is estimated as medium. Credits & Authors: Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information

FileBug v1.5.1 iOS - Path Traversal Web Vulnerability

2014-10-21 Thread Vulnerability Lab
ri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties

iFunBox Free v1.1 iOS - File Include Vulnerability

2014-10-22 Thread Vulnerability Lab
lnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a par

File Manager v4.2.10 iOS - Code Execution Vulnerability

2014-10-22 Thread Vulnerability Lab
enjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the war

Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability

2014-10-24 Thread Vulnerability Lab
input values in the message body context Filter and restrict context of send mails through the application and the web-server of the sonicwall gms appliance. The issue has already been patched by the dell security team in cooperation with the vulnerability-lab during the year 2014. Security

File Manager v4.2.10 iOS - Code Execution Vulnerability

2014-10-24 Thread Vulnerability Lab
enjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the war

WebDisk+ v2.1 iOS - Code Execution Vulnerability

2014-10-28 Thread Vulnerability Lab
Credits & Authors: Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any warranty.

iFileExplorer v6.51 iOS - File Include Web Vulnerability

2014-10-28 Thread Vulnerability Lab
redits & Authors: Vulnerability Laboratory [Research Team] - Katharin S. L. (CH) (resea...@vulnerability-lab.com) [www.vulnerability-lab.com] Disclaimer & Information: The information provided in this advisory is provided as it is without any

Apple iOS v8.0.2 - Silent Contact Denial of Service Vulnerability

2014-10-28 Thread Vulnerability Lab
Risk: The security risk of the local denial of service vulnerability that's exploitable through the favorite message app is estimated as low. Credits & Authors: Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (b...@evolution-sec.com) [www.vuln
