Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS)
Vulnerabilities
1. OVERVIEW
Joomla! 1.7.0-RC and versions of 1.6.x are vulnerable to multiple
Cross Site Scripting issues.
2. BACKGROUND
Joomla is a free and open source content management system (CMS) for
publishing content on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:116
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:117
http://www.mandriva.com/security/
The CoreTex Competitions Team from Core Security is happy to announce
the *2nd Open Backdoor Hiding & Finding Contest* to be held at DEFCON
0x13 this year!
Hiding a backdoor in open source code that will be subjected to the
scrutiny of security auditors by the hundreds may not be an easy task.
On Thu, May 12, 2011 at 09:59:16AM +0700, Bkis wrote:
1. General Information
sNews is a free content management system (CMS) written in PHP and MySQL. It
is available at http://snewscms.com/. In April 2011, Bkis Security discovered
an XSS (Cross-site Scripting) vulnerability in sNews CMS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:118
http://www.mandriva.com/security/
### IRANIAN THE BEST HACKERS IN THE WORLD
##
##
## Remote SQL injection Vulnerability
##
## CobraScripts (search_result.php?cid)
##
###
phpMyAdmin 3.x Conditional Session Manipulation
###[ Advisory from ]###
Solaris USB configuration descriptor kernel stack overflow (CVE-2011-2295)
25 July 2011
Andy Davis of NGS Secure has discovered a High risk vulnerability in Oracle
Solaris. A local attacker can send a malformed USB configuration descriptor via
a malicious USB device and trigger a kernel stack
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2282-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 25, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2283-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 25, 2011
View here:
https://www.stevenroddis.com/phpbb-ajax-chatshoutbox-mod-csrf-vulnerability/
Title: phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability
Release Date: 2011-04-30
Product Affected: http://startrekaccess.com/community/viewtopic.php?f=127t=8675
Responsible Disclosure:
After repeated attempts
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2284-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 25, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:119
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
DFN-CERT Services GmbH - Security Advisory
==
* Advisory: DSB-2011-01
* Version: 1.0
* Released on: 2011-07-22
* Updated on: 2011-07-22
* Product: FreeRADIUS 2.1.11 (2011-06-29)
Summary
- ---
FreeRADIUS
OWASP AppSec USA 2011 pre-conference challenge #3 - July is now posted. The
first person to solve the challenge earns a ticket to the OWASP AppSec USA 2011
conference September 22-23 (by the way, we've now posted 30+ upcoming talks,
with more to come).
http://www.appsecusa.org/ctf.html
Good
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2011-07-20-2 iWork 9.1 Update
iWork 9.1 Update is now available and addresses the following:
Numbers
Available for: iWork 9.0 through 9.0.5
Impact: Opening a maliciously crafted Excel file may lead to an
unexpected application
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update
iOS 4.3.5 Software Update is now available and addresses the
following:
Data Security
Available for:
iOS 3.0 through 4.3.4 for iPhone 3GS and iPhone 4 (GSM),
iOS 3.1 through 4.3.4 for iPod touch (3rd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone
iOS 4.2.10 Software Update for iPhone is now available and addresses
the following:
Data Security
Available for: iOS 4.2.5 through 4.2.9 for iPhone 4 (CDMA)
Impact: An attacker with a