Shopify suffered from an XXE attack within their online stores domain -
*.myshopify.com
They were extremely quick in confirming and fixing the issue (even
though it was a Sunday).
Full details with the usual screen shots can be found at
http://www.securatary.com
--
All the best
Mark
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-2862-1 secur...@debian.org
http://www.debian.org/security/ Michael Gilbert
February 16, 2014
#
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/
#
#
#
# CVE ID : CVE-2014-1597
# CSNC ID: CSNC-2014-003
# Product: i-doit
# Vendor: synetics Gesellschaft für
Hi MustLive,
I have read both of those carefully (the websecurity one, via Google
Translate) and watched the video.
I agree that someone who came across a WordPress site with crashed
tables might get an installer screen. That would be bad. But it is also
very unlikely to occur often. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2014:035
http://www.mandriva.com/en/support/security/
Document Title:
===
My PDF Creator DE DM v1.4 iOS - Multiple Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1201
Release Date:
=
2014-02-16
Vulnerability Laboratory ID (VL-ID):
CHRISTMAS ISLANDS PATENT APPLICATION20142329
RECON 2014 February 17th, 2014
BACKGROUND
[FIELD OF INVENTION]
- REcon 2014 is a computer security conference for reverse engineers,
hackers, and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2014:036
http://www.mandriva.com/en/support/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2014:037
http://www.mandriva.com/en/support/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2014:038
http://www.mandriva.com/en/support/security/
VDBs, please note that the referenced CVE ID is wrong. CVE-2014-1643 was
actually assigned to this issue by Symantec.
Tim
--
Tim Brown
mailto:t...@65535.com
signature.asc
Description: This is a digitally signed message part.
___
Full-Disclosure - We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Since November 2013 I reported seven Cross-site Scripting
vulnerabilities to the Giftcard Bug Bounty Program. Sadly, only one of
them wasn't a duplicate :-/. Strange? Perhaps, but not impossible
given the simplicity of the vulnerabilities.
But what I
12 matches
Mail list logo