Full Disclosure: by thread
89 messages
starting Jul 01 16 and
ending Jul 31 16
Date index |
Thread index |
Author index
- KL-001-2016-003 : SQLite Tempdir Selection Vulnerability KoreLogic Disclosures (Jul 01)
- KWSPHP CMS v1.6.995 - Persistent Cross Site Scripting Web Vulnerability Vulnerability Lab (Jul 04)
- OpenDocMan v1.3.5 - Full Path Disclosure Vulnerability Vulnerability Lab (Jul 04)
- IBM BlueMix Cloud - (API) Persistent Web Vulnerability Vulnerability Lab (Jul 06)
- Teampass 2.1.26 - Authenticated File Upload Vulnerability Vulnerability Lab (Jul 06)
- Micron CMS v5.3 - (cat_id) SQL Injection Vulnerability Vulnerability Lab (Jul 06)
- Executable installers are vulnerable^WEVIL (case 34): Microsoft's vs-community-*.exe susceptible to DLL hijacking Stefan Kanthak (Jul 06)
- Re: Samsung SW Update - Insecure ACLs on SW Update Service Directory - EoP Vulnerability Benjamin Gnahm (Jul 06)
- Re: [oss-security] libical 0.47 SEGV on unknown address Brandon Perry (Jul 06)
- Putty (beta 0.67) DLL Hijacking Vulnerability Sachin Wagh (Jul 06)
- PrinceXML PHP wrapper command injection Brandon Perry (Jul 06)
- CVE-2016-4979: HTTPD webserver - X509 Client certificate based authentication can be bypassed when HTTP/2 is used [vs] Dirk-Willem van Gulik (Jul 06)
- CVE ID Request : OpenFire multiple vulnerabilities Sysdream Labs (Jul 06)
- CIMA DocuClass ECM - Multiple Vulnerabilities Karn Ganeshen (Jul 06)
- RS232-NET Converter (JTC-200) - Multiple vulnerabilities Karn Ganeshen (Jul 06)
- GNU Wget < 1.18 Arbitrary File Upload Dawid Golunski (Jul 06)
- Zero-day flaw lets hackers tamper with your car through BMW portal Vulnerability Lab (Jul 07)
- Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE-2016-5648) David Coomber (Jul 07)
- CODEBLUE.JP - Conference in Tokyo Calling for Papers by Aug.10 CFP (Jul 07)
- [KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability Egidio Romano (Jul 07)
- BMW - (Token) Client Side Cross Site Scripting Vulnerability Vulnerability Lab (Jul 08)
- BMW ConnectedDrive - (Update) VIN Session Vulnerability Vulnerability Lab (Jul 08)
- Ultimate Member Local File Inclusion vulnerability Summer of Pwnage (Jul 09)
- Persistent Cross-Site Scripting in All in One SEO Pack WordPress Plugin Summer of Pwnage (Jul 09)
- Persistent Cross-Site Scripting in WP Live Chat Support plugin Securify B.V. (Jul 11)
- Persistent Cross-Site Scripting in WordPress Activity Log plugin Summer of Pwnage (Jul 11)
- Cross-Site Scripting vulnerability in Email Users WordPress Plugin Summer of Pwnage (Jul 12)
- Cross-Site Scripting vulnerability in Master Slider WordPress Plugin Summer of Pwnage (Jul 12)
- Cross-Site Scripting vulnerability in Profile Builder WordPress Plugin Summer of Pwnage (Jul 12)
- WP Fastest Cache Member Local File Inclusion vulnerability Summer of Pwnage (Jul 12)
- Easy Forms for MailChimp Local File Inclusion vulnerability Summer of Pwnage (Jul 12)
- [CVE-2016-1014, CVE-2016-4247] Executable installers are vulnerable^WEVIL (case 35): Adobe's Flash Player (un)installers Stefan Kanthak (Jul 12)
- RootExplorer remote code execution 0x3d5157636b525761 iddqd (Jul 12)
- RCE by abusing NAC to gain Domain Persistence. Alexander Korznikov (Jul 12)
- Re: RCE by abusing NAC to gain Domain Persistence. Kurt Buff (Jul 15)
- Re: RCE by abusing NAC to gain Domain Persistence. Joey Maresca (Jul 15)
- WSO2 SOA Enablement Server - Server Side Request Forgery Paweł Gocyla (Jul 12)
- WSO2 SOA Enablement Server - XML External Entity Injection Paweł Gocyla (Jul 12)
- WSO2 SOA Enablement Server - Reflected Cross Site Scripting vulnerability Paweł Gocyla (Jul 12)
- [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries Julien Ahrens (Jul 12)
- [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting Julien Ahrens (Jul 12)
- Hpak - package manager for pentesters. Release announcement Hypsurus (Jul 12)
- Cross-Site Scripting vulnerability in Simple Membership WordPress Plugin Summer of Pwnage (Jul 13)
- Cross-Site Scripting vulnerability in Top 10 - Popular posts plugin for WordPress Summer of Pwnage (Jul 13)
- Cross-Site Scripting vulnerability in WP No External Links WordPress Plugin Summer of Pwnage (Jul 13)
- Cross-Site Scripting vulnerability in Google Forms WordPress Plugin Summer of Pwnage (Jul 13)
- [ERPSCAN-16-019] SAP NetWeaver Enqueue Server - DoS vulnerability ERPScan inc (Jul 15)
- [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability ERPScan inc (Jul 15)
- [ERPSCAN-16-021] SAP xMII - Reflected XSS vulnerability ERPScan inc (Jul 15)
- missing input validation in pmount: arbitrary mount as non-root Imre RAD (Jul 15)
- Blind SQL Injection PivotX <= v2.3.11 Manuel Garcia Cardenas (Jul 15)
- opensshd - user enumeration Harari, Eddie (Jul 15)
- x-originating-ip: [25.162.68.132] bashis (Jul 15)
- Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186) Vulnerability Lab (Jul 19)
- Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin Summer of Pwnage (Jul 19)
- Cross-Site Request Forgery in Icegram WordPress Plugin Summer of Pwnage (Jul 19)
- Multiple SQL injection vulnerabilities in WordPress Video Player Summer of Pwnage (Jul 19)
- Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress Plugin Summer of Pwnage (Jul 20)
- Persistent Cross-Site Scripting in WooCommerce using image metadata (EXIF) Summer of Pwnage (Jul 20)
- Cross-Site Scripting in Contact Form to Email WordPress Plugin Summer of Pwnage (Jul 24)
- Cross-Site Scripting in Code Snippets WordPress Plugin Summer of Pwnage (Jul 24)
- SEC Consult SA-20160725-0 :: Multiple vulnerabilities in Micro Focus (Novell) Filr SEC Consult Vulnerability Lab (Jul 25)
- Executable installers are vulnerable^WEVIL (case 37): eclipse-inst-win*.exe vulnerable to DLL redirection and manifest hijacking Stefan Kanthak (Jul 25)
- Defense in depth -- the Microsoft way (part 41): vulnerable by (poor implementation of bad) design Stefan Kanthak (Jul 25)
- [SEARCH-LAB advisory] UPC Hungary network problems Gergely Eberhardt (Jul 25)
- [SEARCH-LAB advisory] Ubee EVW3226 modem/router multiple vulnerabilities Gergely Eberhardt (Jul 25)
- [SEARCH-LAB advisory] Technicolor TC7200 modem/router multiple vulnerabilities Gergely Eberhardt (Jul 25)
- [SEARCH-LAB advisory] Hitron CGNV4 modem/router multiple vulnerabilities Gergely Eberhardt (Jul 25)
- [SEARCH-LAB advisory] Compal CH7465LG-LC modem/router multiple vulnerabilities Gergely Eberhardt (Jul 25)
- [SEARCH-LAB advisory] Cisco EPC3925 UPC modem/router default passphrase vulnerabilities Gergely Eberhardt (Jul 25)
- CVE-2016-5080: Memory corruption in code generated by Objective Systems Inc. ASN1C compiler for C/C++ [STIC-2016-0603] Programa STIC (Jul 25)
- Reflected XSS in LinkedIn Elar Lang (Jul 25)
- CVE-2016-5399: php: out-of-bounds write in bzread() Hans Jerry Illikainen (Jul 25)
- Amazon’s Silk Browser on the Kindle Didn’t Use SSL for Google Search Nightwatch Cybersecurity (Jul 25)
- XSS and SQLi in huge IT gallery v1.1.5 for Joomla Larry W. Cashdollar (Jul 25)
- Bellini/Supercook Wi-Fi Yumi SC200 - Multiple vulnerabilities James McLean (Jul 25)
- Cross-Site Scripting vulnerability in ColorWay WordPress Theme Summer of Pwnage (Jul 26)
- Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability Vulnerability Lab (Jul 27)
- DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability Vulnerability Lab (Jul 27)
- VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability Vulnerability Lab (Jul 27)
- VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability Vulnerability Lab (Jul 27)
- Zortam Media Studio 20.60 - Buffer Overflow Vulnerability Vulnerability Lab (Jul 28)
- Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability Vulnerability Lab (Jul 28)
- Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities Vulnerability Lab (Jul 28)
- Saveya Bounty #1 - Bypass & Persistent Vulnerability Vulnerability Lab (Jul 28)
- ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities Vulnerability Lab (Jul 29)
- Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP Summer of Pwnage (Jul 31)
- Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin Summer of Pwnage (Jul 31)
- Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA Summer of Pwnage (Jul 31)