WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability

2012-02-20 Thread sschurtz
Advisory: WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability Advisory ID:SSCHADV2012-003 Author: Stefan Schurtz Affected Software: Successfully tested on WebsiteBaker 2.8.2 SP2 Vendor URL: www.websitebaker2.org Vendor Status:

CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated]

2012-02-20 Thread YGN Ethical Hacker Group
1. OVERVIEW The CubeCart 3.0.20 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an out of the box ecommerce shopping cart software solution which has been written to run on servers that have PHP MySQL support. With CubeCart you can quickly setup a powerful

[SECURITY] [DSA 2411-1] mumble security update

2012-02-20 Thread Florian Weimer
Debian Security Advisory DSA-2411-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer February 19, 2012

[SECURITY] [DSA 2412-1] libvorbis security update

2012-02-20 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2412-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff February 19, 2012

SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5

2012-02-20 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20120220-1 === title: Multiple Vulnerabilities in ELBA5 product: ELBA 5 vulnerable version: ELBA 5.4.1 5.5.0 R4 build 0778

SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional

2012-02-20 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20120220-0 === title: Multiple critical vulnerabilities product: VOXTRONIC voxlog professional - voice recording solution

SQL Injection Vulnerabilities in TestLink

2012-02-20 Thread jnatal
-- Information -- Name: SQL Injection Vulnerabilities in TestLink Software tested: TL v1.8.5b checked in v1.9.3 (prior version may be affected) Vendor Homepage: http://www.teamst.org Vendor Notification: 27 January 2012 Vendor Patch: 4 February 2012 Public

DC4420 - London DEFCON - February meet - Tuesday February 21st 2012

2012-02-20 Thread Major Malfunction
This month we have our usual two talk format - one that you'll need to concentrate on (and which will give us time to break into the bar), and one through which you can sip the beer you bought to accompany the one you bought for me... Shaun Colley of IOActive will make our heads hurt with

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities

2012-02-20 Thread YGN Ethical Hacker Group
1. OVERVIEW OxWall 1.1.1 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Oxwall is a free open source software package for building social networks, family sites and collaboration systems. It is a flexible community website engine developed with the aim to provide

Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities

2012-02-20 Thread YGN Ethical Hacker Group
1. OVERVIEW Dolphin 7.0.7 and lower versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Dolphin is the only all-in-one free community software platform for creating your own social networking, community or online dating site without any limits and under your full control. Dolphin