Re: [FD] [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials

2019-01-01 Thread Tyler Cui
Correction of the typo: "An authenticated user can visit the file dirary0.js" should be "An unauthenticated user can visit the file dirary0.js" From: Tyler Cui Sent: Monday, 17 December 2018 12:11 AM To: fulldisclosure@seclists.org Subject: [CVE-2018-18009] dirary

Re: [FD] [CVE-2018-18008] spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials

2019-01-01 Thread Tyler Cui
Correction of the typo: "An authenticated user can visit the page spaces.htm" should be "An unauthenticated user can visit the page spaces.htm" From: Fulldisclosure on behalf of Tyler Cui Sent: Monday, 17 December 2018 12:10 AM To: fulldisclosure@seclists.org S

Re: [FD] [CVE-2018-18007] atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials

2019-01-01 Thread Tyler Cui
Correction of the typo: "An authenticated user can visit the page atbox.htm" should be "An unauthenticated user can visit the page atbox.htm" From: Tyler Cui Sent: Monday, 17 December 2018 12:09 AM To: fulldisclosure@seclists.org Subject: [CVE-2018-18007] atbox.ht

[FD] DSA-2018-224:RSA Archer GRC Platform Improper Access Control Vulnerability

2019-01-01 Thread secure
DSA-2018-224:RSA Archer GRC Platform Improper Access Control Vulnerability Dell EMC Identifier:DSA-2018-224 CVE Identifier: CVE-2018-15780 Severity: Medium Severity Rating: CVSS v3 Base Score: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) Affected

[FD] Chrome Browser for Android Reveals Sensitive Hardware Information

2019-01-01 Thread Nightwatch Cybersecurity Research
[NOTE: This is an expanded version of an earlier post from 2015 with updated information and fix from the vendor. Full blog post here: https://wwws.nightwatchcybersecurity.com/2018/12/25/chrome-browser-for-android-reveals-hardware-information/] SUMMARY Google’s Chrome browser, WebView and Chrome

[FD] Call for Papers for ShmooCon Epilogue Closes Jan 1

2019-01-01 Thread Rob Fuller
The 7th Annual(ish) ShmooCon Epilogue presented to you by the NoVA Hackers Association. It is an all-day con that is held the day after ShmooCon (Monday - Jan 21 2019). The event goes from 9 AM to 9 PM with breakfast, catered lunch and dinner, a CTF, a HAM Radio class and testing just for the cost

[FD] Multiple Stored Cross-site Scripting Vulnerabilities in ForkCMS 5.0.6

2019-01-01 Thread Daniel Bishtawi
Hello, We are glad to inform you about the vulnerabilities we reported in ForkCMS 5.0.6. Here are the details: Advisory by Netsparker Name: Stored Cross-site Scripting in ForkCMS Affected Software: ForkCMS Affected Versions: 5.0.6 Homepage: https://www.fork-cms.com/ Vulnerability: Stored Cross-s