Wordpress Media Cleaner Plugin - XSS Vulnerability

2015-02-27 Thread iletisim
# Exploit Title: Wordpress Media Cleaner - XSS # Author: İsmail SAYGILI # Web Site: www.ismailsaygili.com.tr # E-Mail: ileti...@ismailsaygili.com.tr # Date: 2015-02-26 # Plugin Download: https://downloads.wordpress.org/plugin/wp-media-cleaner.2.2.6.zip # Version: 2.2.6 # Vulnerable File(s):

SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home

2015-02-27 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20150227-0 === title: Multiple vulnerabilities product: Loxone Smart Home vulnerable version: Firmware: 5.49; Android-App: 3.4.1 fixed version: 6.3

Cross-Site-Scripting (XSS) in tcllib's html::textarea

2015-02-27 Thread Ben Fuhrmannek
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Cross-Site-Scripting (XSS) in tcllib's html::textarea Release Date: 26 February 2015 Last Modified: 26 February 2015

HelpDezk 1.0.1 Multiple Vulnerabilities

2015-02-27 Thread dennis . veninga
# Exploit Title: HelpDezk 1.0.1 Multiple Vulnerabilities # Google Dork: intext: helpdezk-community-1.0.1 # Date: 26-2-2015 # Exploit Author: Dennis Veninga # Vendor Homepage: http://www.helpdezk.org/ # Vendor contacted: 26-2-2015 # Version: 1.0.1 # Tested on: Firefox 36 Chrome 38 / W8.1-x64

[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags

2015-02-27 Thread Jeremy Boynes
CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Severity: Important Vendor: The Apache Software Foundation Versions Affected: Standard Taglibs 1.2.1 The unsupported 1.0.x and 1.1.x versions may also be affected. Description: When an application uses x:parse or x:transform tags to