[Full-disclosure] [SECURITY] [DSA 2190-1] wordpress security update

2011-03-12 Thread Giuseppe Iuculano
Debian Security Advisory DSA-2190-1 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano March 11, 2011

[Full-disclosure] IAA and XSS vulnerabilities in CMS WebManager-Pro

2011-03-12 Thread MustLive
Hello list! I want to warn you about Insufficient Anti-automation and Cross-Site Scripting vulnerabilities in CMS WebManager-Pro. It's a Ukrainian commercial CMS. Earlier I already wrote about an interesting RCE vulnerability in this CMS, which I mentioned last month in the article Placing shells

[Full-disclosure] Trixbox CE - undocumented web admin

2011-03-12 Thread Tim Osman
Affected products: Trixbox CE 2.8.0.4 and below, Trixbox CE 2.6.2.3 and below. Details: Trixbox CE, an Asterisk and FreePBX based system, ships with an undocumented web admin. The admin web interface can be accessed by user wwwadmin which grants full

[Full-disclosure] java.text.MessageFormat - thread safety - a vital question

2011-03-12 Thread Phani
Hello Forum, this question is specifically about the function *public static String format(String pattern, Object... arguments)* in the MessageFormat class. No information is given in the Javadoc for this function regarding thread safety. However a generic message for the entire class is given in the Javadoc

Re: [Full-disclosure] Insect Pro 2.1 : New version release

2011-03-12 Thread Steve Pinkham
On 03/08/2011 06:55 PM, Mario Vilas wrote: It seems to be a different version. IMHO if I have to pay to download it then it's not really free. Insect should follow the same donation policy as any open source project - download should be free and donation should be optional. This is probably