Imma let you finish, but this:
http://securityreactions.tumblr.com/post/35703074237/mustlive-has-posted-a-new-xss-technique
Nah, I lied. Don't bother finishing.
--
chort
On Nov 21, 2012, at 10:35 AM, MustLive wrote:
> Hello list!
>
> I will draw your attention to XSS vulnerability
_
Hello list!
I will draw your attention to XSS vulnerability in other web applications
with swfupload. Earlier I've written about swfupload in AionWeb, Magento,
Liferay Portal, SurgeMail, symfony and that this hole is available in many
other web applications.
In previous letters I've written concernin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:173
http://www.mandriva.com/security/
_
Not a compromise. Please check the encoding. Refresh the page again and it should
work
Regards
Aditya Balapure
Sent on my BlackBerry® from Vodafone
-Original Message-
From: Lucio Crusca
Sender: full-disclosure-boun...@lists.grok.org.uk
Date: Mon, 19 Nov 2012 17:45:56
To:
Subject: [Full-
webubs.com and prioritymeter.com are utility billing service companies.
They do not take security seriously. They have hundreds of thousands of
customers. All their customer data is exposed to anyone that logs into the
portal via numerous site security flaws such as: Direct Object Reference
(see so
#warning
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
This.
As I recall this happened after changing the "Secret Key". I've also
seen this happen after a major upgrade, likely due to the same reason.
Best of luck,
~k
On Mon, 2012-11-19 at 17:51 +0100, Christian Sciberras wrote:
> That is not a compromise. It is related to a change in encoding.
> Pl
Title:
==
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities
Date:
=
2012-11-15
References:
===
http://www.vulnerability-lab.com/get_content.php?id=689
VL-ID:
=
689
Common Vulnerability Scoring System:
3.5
Introduction:
===
Hello All,
We have updated our project details page and added selected Proof of
Concept codes to it that have been developed as part of our Java SE
security research. They are available for download from SE-2012-01
project details page. Those willing to better understand Reflection
API based abus
Title:
==
Wordpress Facebook Survey v1 - SQL Injection Vulnerability
Date:
=
2012-11-18
References:
===
http://www.vulnerability-lab.com/get_content.php?id=766
VL-ID:
=
766
Common Vulnerability Scoring System:
8.5
Introduction:
Title:
==
LAN.FS Messenger v2.4 - Command Execution Vulnerability
Date:
=
2012-11-14
References:
===
http://www.vulnerability-lab.com/get_content.php?id=760
VL-ID:
=
760
Common Vulnerability Scoring System:
8.2
Introduction:
===
Title:
==
SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities
Date:
=
2012-11-19
References:
===
http://www.vulnerability-lab.com/get_content.php?id=549
VL-ID:
=
549
Common Vulnerability Scoring System:
3.5
Introduction:
12 matches