Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=====
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expr
; Authors:
==
SaifAllah benMassaoud & Zahid Mehmood - (
http://www.vulnerability-lab.com/show.php?user=SaifAllahbenMassaoud )
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. V
am] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
i
lity in the software
core of format factory is estimated as high. (CVSS 6.1)
Credits & Authors:
==
ZwX - [http://www.vulnerability-lab.com/show.php?user=ZwX]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is
ZwX - [http://www.vulnerability-lab.com/show.php?user=ZwX]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed
or implied, including the warranti
VSS 3.1)
Credits & Authors:
==
ZwX - [http://www.vulnerability-lab.com/show.php?user=ZwX]
Disclaimer & Information:
=========
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties,
timated as medium. (CVSS 4.3)
Credits & Authors:
==
ZwX - ( http://zwx.fr ) [ http://www.vulnerability-lab.com/show.php?user=ZwX ]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulner
)
Credits & Authors:
==
ZwX - ( http://zwx.fr ) [ http://www.vulnerability-lab.com/show.php?user=ZwX ]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties,
the appliance
service itself to prevent malicious attack scenarios.
Security Risk:
==
The security risk of the client-side cross site scripting web vulnerability in
the cyberoam iview application is estimated as medium. (CVSS 3.3)
Credits & Authors:
==
Vulner
bility-lab.com]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied,
including the warranties of merchantability and capability for a p
s high. (CVSS 6.7)
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Lawrence Amer
(www.vulnerability-lab.com/show.php?user=Lawrence Amer)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without
the usage of special chars and filter the entries by an escape. Parse
the output context in the profile.form to
prevent application-side executions.
Security Risk:
==
The security risk of the application-side input validation vulnerabilities in
the user profile section is estimat
blogs-journals/execute/
http://bb-lms.localhost:8080/webapps/blogs-journals/execute/editBlogEntry
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Lawrence Amer - (
http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer )
Disclaimer & Information:
=
bility in the
bitdefender web-application is estimated as high. (CVSS 5.9)
Credits & Authors:
==
Lawrence Amer - (
http://www.vulnerability-lab.com/show.php?user=Lawrence%20Amer )
Disclaimer & Information:
=
The information provided in thi
%20K.M.]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed
or implied, including the warranties of merchantability and capability for a
particular pur
ty Laboratory [Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warrant
Authors:
==
Vulnerability Laboratory [Research Team] -
(https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab d
Research Team] - SaifAllah benMassaoud
(http://www.vulnerability-lab.com/show.php?user=SaifAllahbenMassaoud)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either e
i_feizezade,Amin_Zohrabi,Shellshock3 and all my friends
+ all members of the Iedb.Ir Team.
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied,
njamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed
or implied, including the warranties of merchantability and capability for a
partic
cripting vulnerability in the
application is estimated as low. (CVSS 3.7)
Credits & Authors:
==
Peter Kok - [http://www.vulnerability-lab.com/show.php?user=Peter%20Kok]
Disclaimer & Information:
=====
The information provided in this advisory is pr
as medium. (CVSS 3.4)
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is withou
eb-application is estimated as medium. (CVSS 3.6)
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisor
he security risk of the sql-injection vulnerability in the web panel of the
xavier application is estimated as medium (CVSS 5.3).
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer
sk:
==
The security risk of the cross site scripting web vulnerability in the
web-application is estimated as medium (CVSS 3.3).
Credits & Authors:
==
Vulnerability Laboratory [Research Team] -
(https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab)
-injection vulnerabilities in the
web-application is estimated as medium (CVSS 5.3).
Credits & Authors:
==
N/A - Anonymous
Disclaimer & Information:
=====
The information provided in this advisory is provided as it is without any
warranty. Vulnerabi
jri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, including the
Credits & Authors:
==
Vulnerability Laboratory [Core Research Team] S.AbenMassaoud
[saifmassaoud...@gmail.com]
Profile: https://www.vulnerability-lab.com/show.php?user=S.AbenMassaoud
Disclaimer & Information:
=====
The information provided in this advis
=
Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaim
Title: Edward Snowden free speech at JBFone - Data Security & Privacy
Article:
https://www.vulnerability-db.com/?q=articles%2F2017%2F11%2F23%2Fedward-snowden-free-speech-jbfone-data-security-privacy
Video: https://www.youtube.com/watch?v=JF45xq0W15c
Press:
https://www.heise.de/newsticker/meldung
Kunz Mejri
(http://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.)
Disclaimer & Information:
=========
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, inc
njamin K.M. [b...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expres
isk:
==
The security risk of the application-side input validation web vulnerability
and the filter bypass issue are estimated as medium. (CVSS 4.5)
Credits & Authors:
======
Benjamin K.M. [b...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Be
as been prevented in the version 4.9.1 up to the
latest released version 5.1 of the wpjobboard wordpress web-application plugin.
Security Risk:
==
The security risk of the remote sql-injection web vulnerabilities in the
wpjobboard web-application is estimated as high (CVSS 6.0).
Credits &
Wickr Inc - App Clock & Message Deletion Glitch P2 - Bug Bounty
(Document) [PDF]
URL: https://www.vulnerability-lab.com/get_content.php?id=2107
Vulnerability Magazine:
https://www.vulnerability-db.com/?q=articles/2018/01/04/wickr-inc-app-clock-message-deletion-glitch
--
VULNERABILITY LABORATOR
and injection vulnerability via path variable in
the web-application is estimated as high (CVSS 6.2).
Credits & Authors:
==
Benjamin K.M. [b...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Disclaimer & Information:
===
===
The security risk of the client-side cross site scripting web vulnerabilities
in the content management system are estimated as medium. (CVSS 3.4)
Credits & Authors:
==
Benjamin K.M. [b...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Discla
sistent input validation web vulnerability is
estimated as medium (CVSS 3.8).
Credits & Authors:
==
Vulnerability-Lab [resea...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab
Disclaimer & Information:
.]
[www.vulnerability-lab.com]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, including the warranties of merchantability and
lab.com)
[www.vulnerability-lab.com]
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, including the warranties of merchantability
@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
imp
to prevent further exploitation
Security Risk:
==
The security risk of the remote sql-injection web vulnerability in the
web-application is estimated as medium (cvss 5.7).
Credits & Authors:
==
Vulnerability-Lab [resea...@vulnerability-lab.com] -
https://www.vul
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, including the warr
ion are estimated as medium. (CVSS 4.4)
Credits & Authors:
==
Benjamin K.M. [b...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M.
Disclaimer & Information:
=
The information provided in this advisory is provi
https://www.vulnerability-lab.com/show.php?user=Benjamin%20K.M.
Disclaimer & Information:
=
The information provided in this advisory is provided as it is without any
warranty. Vulnerability Lab disclaims all warranties, either expressed or
implied, including the warrantie
d to prevent further script code injection attacks.
The vulnerability can be resolved by an update to version 5.3.4 that is
delivered by the manufacturer. The issue risk is marked as moderate.
Security Risk:
==
The security risk of the stored cross site scripting vulnerabilities in t
estimated as medium. (CVSS 3.2)
Credits & Authors:
==
Vulnerability Laboratory [Research Team] - Lawrence Amer
(http://lawrenceamer.me)
Profile: https://www.vulnerability-lab.com/show.php?user=Lawrence Amer
Disclaimer & Information:
=========
The informati
tos
web panel application is estimated as high. (CVSS 7.5)
Credits & Authors:
==
Vulnerability-Lab [ad...@vulnerability-lab.com] -
https://www.vulnerability-lab.com/show.php?user=Vulnerability-Lab
Disclaimer & Information:
=
The information pro
SEC Consult Vulnerability Lab Security Advisory < 20110407-0 >
===
title: Libmodplug ReadS3M Stack Overflow
product: Libmodplug library
vulnerable version: 0.8.8.1
fixed version: 0
SEC Consult Vulnerability Lab Security Advisory < 20130709-0 >
===
title: Denial of service vulnerability
product: Apache CXF
vulnerable version: Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4
SEC Consult Vulnerability Lab Security Advisory < 20130719-0 >
===
title: Multiple vulnerabilities
product: Sybase EAServer
vulnerable version: <=6.3.1
fixed version: vendor did not suppl
SEC Consult Vulnerability Lab Security Advisory < 20130726-0 >
===
title: Multiple vulnerabilities - Surveillance via Symantec Web
Gateway
product: Symantec Web Gateway
vuln
SEC Consult Vulnerability Lab Security Advisory < 20130805-0 >
===
title: Vodafone EasyBox Default WPS PIN Algorithm Weakness
product: EasyBox 802 & EasyBox 803
vulnerable version: EasyBox
SEC Consult Vulnerability Lab Security Advisory < 20130904-0 >
===
title: Undocumented password reset and admin takeover &
Cross-Site Scripting vulnerabilities
product:
SEC Consult Vulnerability Lab Security Advisory < 20131003-0 >
===
title: nsconfigd NSRPC_REMOTECMD Denial of service vulnerability
product: Citrix NetScaler
vulnerable version: NetScaler 10.0
SEC Consult Vulnerability Lab Security Advisory < 20131004-0 >
===
title: SQL injection vulnerability
product: Zabbix
vulnerable version: <=2.0.8
fixed version: 2.0.9rc1
CVE nu
SEC Consult Vulnerability Lab Security Advisory < 20131015-0 >
===
title: Multiple vulnerabilities in SpamTitan
product: SpamTitan
vulnerable version: <=5.12, 5.13 is likely to be aff
SEC Consult Vulnerability Lab Security Advisory < 20131227-0 >
===
title: XPath Injection
product: IBM Web Content Manager (WCM)
vulnerable version: 6.x, 7.x, 8.x
fixed v
SEC Consult Vulnerability Lab Security Advisory < 20140122-0 >
===
title: Multiple critical vulnerabilities
product: T-Mobile HOME NET Router LTE / Huawei B593u-12
vulnerable version: V100R001C54SP
SEC Consult Vulnerability Lab Security Advisory < 20140218-0 >
===
title: Multiple critical vulnerabilities
product: Symantec Endpoint Protection
vulnerable version: 11.0, 12.0, 12.1
fixed v
SEC Consult Vulnerability Lab Security Advisory < 20140227-0 >
===
title: Local Buffer Overflow vulnerability
product: SAS for Windows (Statistical Analysis System)
vulnerable version: SAS 9.2, 9
SEC Consult Vulnerability Lab Security Advisory < 20140228-0 >
===
title: Privilege escalation vulnerability
product: MICROSENS Profi Line Modular Industrial Switch Web
M
SEC Consult Vulnerability Lab Security Advisory < 20140228-1 >
===
title: Authentication bypass (SSRF) and local file disclosure
product: Plex Media Server
vulnerable version: <=0.9.9.2.37
SEC Consult Vulnerability Lab Security Advisory < 20140307-0 >
===
title: Unauthenticated access & manipulation of settings
product: Huawei E5331 MiFi mobile hotspot
vulnerable version: Softwa
SEC Consult Vulnerability Lab Security Advisory < 20140328-0 >
===
title: Multiple critical vulnerabilities
product: Symantec LiveUpdate Administrator
vulnerable version: <= 2.3.2.99
fixe
SEC Consult Vulnerability Lab Security Advisory < 20140402-0 >
===
title: Multiple vulnerabilities
product: Rhythm Software File Manager
Rhythm Software File Manager HD
vuln
SEC Consult Vulnerability Lab Security Advisory < 20140411-0 >
===
title: Multiple vulnerabilities
product: Plex Media Server
vulnerable version: confirmed in 0.9.9.10
fixed version
SEC Consult Vulnerability Lab Security Advisory < 20140423-0 >
===
title: Path Traversal/Remote Code Execution
product: WD Arkeia Virtual Appliance (AVA)
vulnerable version: All Arkeia Network
SEC Consult Vulnerability Lab Security Advisory < 20140430-0 >
===
title: SQL injection and persistent XSS
product: Typo3 3rd party extension si_bibtex
vulnerable version: si_bibtex 0.2.3
SEC Consult Vulnerability Lab Security Advisory < 20140508-0 >
===
title: Multiple critical vulnerabilities
product: AVG Remote Administration
vulnerable version: all - except issue #2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140521-0 >
===
title: Multiple vulnerabilities
product: CoSoSys Endpoint Protector 4
vulnerable v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140528-0 >
===
title: Root Backdoor & Unauthenticated access to voice recordings
product: NICE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140606-0 >
===
title: Multiple critical vulnerabilities
product: WebTitan
vulnerable version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140630-0 >
===
title: Multiple severe vulnerabilities
product: IBM Algorithmics RICOS
vulnerable v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20140701-0
===
title: Stored cross-site scripting vulnerabilities
product: EMC Documentum eRoom
vulnerable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140710-0 >
===
title: Multiple critical vulnerabilities in Shopizer webshop
product: Shopizer
vuln
SEC Consult Vulnerability Lab Security Advisory < 20140710-2 >
===
title: Multiple critical vulnerabilities
product: Schrack MICROCONTROL emergency light system
vulnerable version: before 1.7.
SEC Consult Vulnerability Lab Security Advisory < 20140710-3 >
===
title: Design Issue / Password Disclosure
product: All WAGO-I/O-SYSTEMs which provide a CODESYS V2.3 WebVisu
vulnerable version: S
SEC Consult Vulnerability Lab Security Advisory < 20140710-1 >
===
title: Multiple high risk vulnerabilities in Shopizer webshop
product: Shopizer
vulnerable version: 1.1.5 and below
fixed v
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140716-0 >
===
title: Multiple SSRF vulnerabilities
product: Alfresco Community Edition
vuln
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140716-1 >
===
title: Remote Code Execution via CSRF
product: OpenVPN Access Server "Des
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140716-2 >
===
title: Multiple vulnerabilities
product: Citrix NetScaler Application Delivery Cont
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140716-3 >
===
title: Multiple critical vulnerabilities
product: Bitdefender GravityZone
vuln
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140805-0 >
===
title: Multiple vulnerabilities
product: Readsoft Invoice Processing / Process Di
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20140828-0 >
===
title: Reflected Cross-Site Scripting
product: F5 BIG-IP
vulnerable version: <
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20141015-0 >
===
title: Potential Cross-Site Scripting
product: ADF Faces
vulnerable version: 12
SEC Consult Vulnerability Lab Security Advisory < 20141029-0 >
===
title: Multiple critical vulnerabilities
product: Vizensoft Admin Panel
vulnerable version: 2014
fixed v
SEC Consult Vulnerability Lab Security Advisory < 20141029-1 >
===
title: Persistent cross site scripting
product: Confluence RefinedWiki Original Theme
vulnerable version: 3.x - 4.0.x
SEC Consult Vulnerability Lab Security Advisory < 20141031-0 >
===
title: XML External Entity Injection (XXE) and Reflected XSS
product: Scalix Web Access
vulnerable version: 11.4.6.123