101 messages starting Jan 31 15 and ending Feb 28 15
CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Jan 31)
Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384 Onur Yilmaz (Jan 31)
Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you Stefan Kanthak (Jan 31)
SQL injection vulnerabilities in zerocms <= v.1.3.3 Steffen Rösemann (Jan 31)
iTunes 12.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... Stefan Kanthak (Jan 31)
CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability Alex Haynes (Feb 02)
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities ITAS TEAM (Feb 02)
CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Feb 02)
About Group (about.com) All Topics (At least 99.88% links) Vulnerable to XSS & Iframe Injection Security Attacks, About.com Open Redirect Security Vulnerabilities Jing Wang (Feb 02)
[Call For Papers] BSides Knoxville, TN - May 15th 2015 Adam Caudill (Feb 02)
Maldrone for drones. Rahul Sasi (Feb 03)
My Little Forum Multiple XSS Security Vulnerabilities Jing Wang (Feb 03)
MSA-2015-02: Hewlett-Packard UCMDB - JMX-Console Authentication Bypass Advisories (Feb 03)
Capstone disassembly engine 3.0.1 released! Nguyen Anh Quynh (Feb 03)
SQL injection vulnerability in Pragyan CMS v.3.0 Steffen Rösemann (Feb 03)
CFP: Extended submission deadline:: ISSRMET2015 Dubai Hazel Ann (Feb 04)
Very Important Info About "Major Internet Explorer Vulnerability - NOT Patched" David Leo (Feb 07)
LG On Screen Phone authentication bypass (CVE-2014-8757) Imre Rad (Feb 07)
Responder Windows Version laurent gaffie (Feb 07)
Multiple CSRF vulnerabilities in eFront v. 3.6.15.2 (CE) Steffen Rösemann (Feb 07)
[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page RedTeam Pentesting GmbH (Feb 10)
Barracuda Cloud Series - Filter Bypass Vulnerability (ID 731) Vulnerability Lab (Feb 11)
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Vulnerability Lab (Feb 11)
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability Vulnerability Lab (Feb 11)
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability Vulnerability Lab (Feb 11)
T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll) Vulnerability Lab (Feb 11)
Radexscript CMS 2.2.0 - SQL Injection vulnerability ITAS Team (Feb 11)
MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC Samandeep Singh (Feb 11)
CVE-2014-6412 - WordPress (all versions) lacks CSPRNG Scott Arciszewski (Feb 11)
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Microsoft) Stefan Kanthak (Feb 11)
Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii) Jonathan Brossard (Feb 12)
eTouch SamePage v4.4.0.0.239 multiple vulnerabilities Brandon Perry (Feb 12)
CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Feb 12)
CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Feb 12)
Followup on CVE-2014-6412 Scott Arciszewski (Feb 12)
Vanilla forum Stored XSS on any private message / thread post W S (Feb 12)
NetGear WNDR Authentication Bypass / Information Disclosure Peter Adkins (Feb 12)
Reflecting XSS vulnerabilities, unrestricted file upload and underlying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version) Steffen Rösemann (Feb 12)
CVE-2015-1574 - Google Email App 4.2.2 remote denial of service Hector Marco (Feb 13)
CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four Hector Marco (Feb 13)
HumHub .htaccess file upload vulnerability and remote code execution A. W. (Feb 13)
Siemens SIMATIC TIA Portal (Step 7/WinCC) fixes SCADA StrangeLove (Feb 16)
Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability Vulnerability Lab (Feb 17)
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite RedTeam Pentesting GmbH (Feb 18)
Agora Marketplace CSRF to Steal Bitcoins (agorahooawayyfoe.onion) agoraagoraagora (Feb 18)
Bug in TradeWinds Juan Martinez (Feb 18)
DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Feb 18)
DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities Jing Wang (Feb 18)
DLGuard SQL Injection Security Vulnerabilities Jing Wang (Feb 18)
CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities Jing Wang (Feb 18)
Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities Rehan Ahmed (Feb 18)
[CVE-REQUEST] Multiple vulnerabilities on GLPI Stiehl (Feb 18)
PHP Code Execution in jui_filter_rules Parsing Library Timo Schmid (Feb 18)
Reflecting XSS- and SQL injection-vulnerabilities in the administrative backend of Piwigo <= v. 2.7.3 Steffen Rösemann (Feb 18)
Reflected File Download in AOL Search Website Ricardo Iramar dos Santos (Feb 18)
WooCommerce WordPress plugin 2.2.10 Reflected XSS Eric Flokstra (Feb 21)
Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF Eric Flokstra (Feb 21)
New version of Hyperion PE runtime encrypter Levon Kayan (Feb 21)
VLC for Android beta crash Paweł (Feb 21)
Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities Praveen D (Feb 21)
Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) Stefan Kanthak (Feb 21)
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... Stefan Kanthak (Feb 21)
Multiple stored XSS-vulnerabilities in MyBB v. 1.8.3 Steffen Rösemann (Feb 21)
Multiple SQLi-, stored/reflected XSS- and CSRF-vulnerabilities in phpBugTracker v. 1.6.0 Steffen Rösemann (Feb 21)
Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273] Taoguang Chen (Feb 21)
Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone Taoguang Chen (Feb 21)
xaviershay-dm-rails v0.10.3.8 mysql credential exposure Larry W. Cashdollar (Feb 21)
Defense in depth -- the Microsoft way (part 29): contradicting, ambiguous, incomplete documentation Stefan Kanthak (Feb 21)
Fwd: Apple OS X: Don't trust, and don't prompt to trust certificates Douglas Held (Feb 22)
ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities Steffen Rösemann (Feb 22)
WESP SDK multiple Remote Code Execution Vulnerabilities Praveen D (Feb 23)
[Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File Repository Server Read via CORBA Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File Repository Server Write via CORBA Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA Onapsis Research Labs (Feb 25)
[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA Onapsis Research Labs (Feb 25)
DSS TFTP 1.0 Server - Path Traversal Vulnerability Vulnerability Lab (Feb 26)
Data Source: Scopus CMS - SQL Injection Web Vulnerability Vulnerability Lab (Feb 26)
Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities Vulnerability Lab (Feb 26)
SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home SEC Consult Vulnerability Lab (Feb 27)
Swiss File Knife v1.7.4 HTTP - Buffer Overflow Vulnerability Vulnerability Lab (Feb 28)