Blogs manager = 1.101 SQL Injection Vulnerability

2011-11-21 Thread muuratsalo experimental hack lab
Dear all, I have found a SQL injection vulnerability in Blogs manager = 1.101. It seems to be version 1.101 as you can see in the files section of sourceforge. I reported the vulnerability to the vendor but no response as stated in the advisory. Best, muuratsalo -- ADVISORY --

Valid tiny-erp = 1.6 SQL Injection Vulnerability

2011-11-21 Thread muuratsalo experimental hack lab
Dear all, I have found a SQL injection vulnerability in Valid tiny-erp = 1.6. It seems to be version 1.6 as you can see in the 'project' section of www.valid.gr. Anyway there is not any specific number version in the sourceforge page. I reported the vulnerability to the vendor but no response as

Freelancer calendar = 1.01 SQL Injection Vulnerability

2011-11-21 Thread muuratsalo experimental hack lab
Dear all, I have found multiple a SQL injection vulnerability in Freelancer calendar = 1.01. It seems to be version 1.01 as you can see in the 'Files' section of the Sourceforge page. I reported the vulnerability to the vendor but no response as stated in the advisory. Best, muuratsalo --

wordpress Lanoba Social Plugin Xss Vulnerabilities

2011-11-21 Thread Amir
a bug in wordpress Lanoba Social Plugin that allows us to cause Cross-Site Scripting on a remote machine.

[SECURITY] [DSA 2349-1] spip security update

2011-11-21 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2349-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 19, 2011

Support Incident Tracker = 3.65 (translate.php) Remote Code Execution Vulnerability

2011-11-21 Thread n0b0d13s
Support Incident Tracker = 3.65 (translate.php) Remote Code Execution Vulnerability author...: Egidio Romano aka EgiX mail.: n0b0d13s[at]gmail[dot]com software link: http://sitracker.org/ affected versions: from 3.45 to 3.65 [-] vulnerable code in

[ GLSA 201111-05 ] Chromium, V8: Multiple vulnerabilities

2011-11-21 Thread Tim Sammut
Gentoo Linux Security Advisory GLSA 201111-05 http://security.gentoo.org/

[ GLSA 201111-06 ] MaraDNS: Arbitrary code execution

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-06 http://security.gentoo.org/

[ GLSA 201111-07 ] TinTin++: Multiple vulnerabilities

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-07 http://security.gentoo.org/

[ GLSA 201111-08 ] radvd: Multiple vulnerabilities

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-08 http://security.gentoo.org/

[ GLSA 201111-09 ] Perl Safe module: Arbitrary Perl code injection

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-09 http://security.gentoo.org/

[ GLSA 201111-10 ] Evince: Multiple vulnerabilities

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-10 http://security.gentoo.org/

[ GLSA 201111-11 ] GNU Tar: User-assisted execution of arbitrary code

2011-11-21 Thread Alex Legler
Gentoo Linux Security Advisory GLSA 201111-11 http://security.gentoo.org/

[SECURITY] [DSA 2350-1] freetype security update

2011-11-21 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2350-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 20, 2011

[SECURITY] [DSA 2348-1] systemtap security update

2011-11-21 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2348-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 17, 2011

Implications of IPv6 on network firewalls

2011-11-21 Thread Fernando Gont
Folks, An article about IPv6 firewalls that I've written for Techtarget has just been published. It is available here: http://searchenterprisewan.techtarget.com/tip/IPv6-firewall-security-Fixing-issues-introduced-by-the-new-protocol Any comments are

Wordpress alert-before-your-post Plugin Cross-Site Scripting Vulnerabilities

2011-11-21 Thread Amir
a bug in Wordpress alert-before-your-post Plugin that allows us to cause Cross-Site Scripting on a remote machine.

Wordpress adminimize Plugin Vulnerabilities

2011-11-21 Thread Amir
a bug in Wordpress adminimize Plugin that allows us to cause Cross-Site Scripting on a remote machine.

OWASP Academy Portal - FREE OWASP TOP 10 security challenges with Hacking-Lab

2011-11-21 Thread Ivan Buetler
The OWASP Academy-Portal is proud to announce the first free online OWASP TOP 10 security lab based on Hacking-Lab.com! Hacking-Lab is supporting the OWASP mission and made their online training environment available for OWASP on free-to-use basis! The Hacking-Lab is not just a common hackme

Re: Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0

2011-11-21 Thread Henri Salo
On Wed, Nov 09, 2011 at 09:59:18AM +, secur...@infoserve.de wrote: Advisory: Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0 Advisory ID: INFOSERVE-ADV2011-03 Author: Stefan Schurtz Contact:

Re: wordpress Lanoba Social Plugin Xss Vulnerabilities

2011-11-21 Thread Henri Salo
On Sat, Nov 19, 2011 at 05:40:16AM +, a...@irist.ir wrote: a bug in wordpress Lanoba Social Plugin that allows us to cause Cross-Site Scripting on a remote machine.

[SECURITY] [DSA 2351-1] wireshark security update

2011-11-21 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-2351-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 21, 2011