Taser Axon Dock (Body-Worn Camera Docking Station) v3.1 - Authentication Bypass

2016-08-15 Thread reggie . dodd30
[TITLE] Taser Axon Dock (Body-Worn Camera Docking Station) v3.1 - Authentication Bypass [CREDITS & AUTHORS] Reginald Dodd https://www.linkedin.com/in/reginalddodd [VENDOR & PRODUCT] Taser International Inc. Axon Dock - Body-Worn Camera Docking Station https://www.axon.io/products/dock [SUMMARY]

PayPal Inc BB #127 - 2FA Bypass Vulnerability

2016-08-15 Thread Vulnerability Lab
Document Title: PayPal Inc BB #127 - 2FA Bypass Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1903 Release Date: 2016-08-12 Vulnerability Laboratory ID (VL-ID):

Stash v1.0.3 CMS - SQL Injection Vulnerability

2016-08-15 Thread Vulnerability Lab
Document Title: Stash v1.0.3 CMS - SQL Injection Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1899 Release Date: 2016-08-10 Vulnerability Laboratory ID (VL-ID):

Reflected Cross Site Scripting (XSS) Vulnerability in nopcommerce 3.70

2016-08-15 Thread tal argoni
Security Advisory CVE-ID: N/A Topic: Reflected Cross Site Scripting (XSS) Vulnerability in "successful registration" page Class: Input Validation Severity: Medium Discovery: 2016-04-28 Vendor Notification: 2016-04-28 Vendor response: 2016-05-30 Vendor

Linksys E2500 and E1200 (Unauth Command Injection)

2016-08-15 Thread samhuntley84
Linksys E2500 and E1200 suffer from missing command injection issue in parental control parameters. This allows an attacker to change the control the device remotely. Combining the attack of no authorization control, it allows an attacker to actually execute unauthenticated command injection

Linksys E1200 and E2500 (Missing authorization on parental control)

2016-08-15 Thread samhuntley84
Linksys E1200 hardware version 2.2 and firmware version 2.0.07 (build 2) suffer from missing authorization control on parental control page. This allows an attacker to change the parental controls set up by parents to keep kids safe from visiting adult sites and probably compromise a kid's

OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET)

2016-08-15 Thread hamedizadi
### # OpenCart 2.0.3.1 Cross Site Scripting Vulnerability ### Information Author: Hamed Izadi Email: array("hamedizadi", "@", "gmail", ".com"); Name: XSS Vulnerability in OpenCart Affected Software : OpenCart Affected

OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET)

2016-08-15 Thread hamedizadi
### # OpenCart 2.0.3.1 Cross Site Scripting Vulnerability ### Information Author: Hamed Izadi Email: ("hamedizadi", "@", "gmail", ".com"); Name: XSS Vulnerability in OpenCart Affected Software : OpenCart Affected Versions:

WSO2-CARBON v4.4.5 CSRF / DOS

2016-08-15 Thread hyp3rlinx
[+] Credits: John Page aka HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-CSRF-DOS.txt [+] ISR: ApparitionSec Vendor: www.wso2.com Product: Ws02Carbon v4.4.5 WSO2 Carbon is the

WSO2 CARBON v4.4.5 PERSISTENT XSS COOKIE THEFT

2016-08-15 Thread hyp3rlinx
[+] Credits: John Page aka HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt [+] ISR: ApparitionSec Vendor: www.wso2.com Product: Ws02Carbon v4.4.5

WSO2-CARBON v4.4.5 LOCAL FILE INCLUSION

2016-08-15 Thread apparitionsec
[+] Credits: John Page aka HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-LOCAL-FILE-INCLUSION.txt [+] ISR: ApparitionSec Vendor: www.wso2.com Product: Ws02Carbon v4.4.5 WSO2

WSO2 IDENTITY-SERVER v5.1.0 XML External-Entity

2016-08-15 Thread hyp3rlinx
[+] Credits: John Page aka HYP3RLINX [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/WSO2-IDENTITY-SERVER-v5.1.0-XML-External-Entity.txt [+] ISR: ApparitionSec Vendor: www.wso2.com Product: Wso2

[SECURITY] [DSA 3648-1] wireshark security update

2016-08-15 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-3648-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2016