Microweber 0.95 - SQL Injection Vulnerability

2015-02-02 Thread ITAS Team
# Exploit Title: Microweber 0.95 - SQL Injection Vulnerability # Vendor: https://microweber.com/ # Download link: https://microweber.com/download (https://github.com/microweber/microweber) # CVE ID: CVE-2014-9464 # Vulnerability: SQL Injection # Affected

Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities

2015-02-02 Thread ITAS Team
# Exploit Title: Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities # Vendor: http://www.sefrengo.org/ # Download link: http://forum.sefrengo.org/index.php?showtopic=3368 (https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317cc99

[SECURITY] [DSA 3148-1] chromium-browser end of life

2015-02-02 Thread Michael Gilbert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3148-1 secur...@debian.org http://www.debian.org/security/ Michael Gilbert January 31, 2015

Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384

2015-02-02 Thread Onur Yilmaz
Information Advisory by Netsparker. Name: XSS Vulnerability in Banner Effect Header Affected Software : Banner Effect Header Affected Versions: 1.2.7 and possibly below Vendor Homepage : https://wordpress.org/plugins/banner-effect-header/ Vulnerability Type : Cross-site Scripting

Major Internet Explorer Vulnerability - NOT Patched

2015-02-02 Thread David Leo
Deusen just published code and description here: http://www.deusen.co.uk/items/insider3show.3362009741042107/ which demonstrates the serious security issue. Summary An Internet Explorer vulnerability is shown here: Content of dailymail.co.uk can be changed by external domain. How To Use 1.

Fork CMS 3.8.3 - XSS Vulnerability

2015-02-02 Thread ITAS Team
# Exploit Title: Fork CMS 3.8.3 - XSS Vulnerability # Vendor: http://www.fork-cms.com # Download link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released # CVE ID: CVE-2014-9470 # Vulnerability: Cross-Site Scripting # Affected version: Fork 3.8.3

Defense in depth -- the Microsoft way (part 27): the command line you get differs from the command line I use to call you

2015-02-02 Thread Stefan Kanthak
Hi @ll, on Windows, the command line an application receives can differ from the command line the calling application supplies to CreateProcess*(). The documentation of GetCommandLine() https://msdn.microsoft.com/en-us/library/ms683156.aspx tells: | Note The name of the executable in the

[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution

2015-02-02 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04552143 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04552143 Version: 1 HPSBMU03236

[SECURITY] [DSA 3150-1] vlc security update

2015-02-02 Thread Alessandro Ghedini
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3150-1 secur...@debian.org http://www.debian.org/security/ Alessandro Ghedini February 02, 2015

[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information

2015-02-02 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04553906 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04553906 Version: 1 HPSBMU03239

[SECURITY] [DSA 3149-1] condor security update

2015-02-02 Thread Sebastien Delafond
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3149-1 secur...@debian.org http://www.debian.org/security/ Sebastien Delafond February 02, 2015