[Full-disclosure] TomatoCart 1.x | Cross Site Request Forgery Protection Bypass via JavaScript Hijacking

2013-01-06 Thread YGN Ethical Hacker Group
1. OVERVIEW TomatoCart 1.x versions are vulnerable to Cross Site Request Forgery Protection Bypass. 2. BACKGROUND TomatoCart is an innovative Open Source shopping cart solution developed by Wuxi Elootec Technology Co., Ltd. It is forked from osCommerce 3 as a separate project and is released un

[Full-disclosure] [SECURITY] [DSA 2599-1] nss security update

2013-01-06 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2599-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst January 06, 2013

[Full-disclosure] CFP: InfoSec Southwest Open

2013-01-06 Thread Tod Beardsley
I'm pleased to announce the opening of the Call for Papers (CFP) for InfoSec SouthWest 2013! ISSW2013 will be held Friday, April 19 through Sunday, April 21, in Austin, Texas, USA. The CFP will run six weeks, closing on February 15, 2013. We are also excited about our selection for this year's key

[Full-disclosure] [SECURITY] [DSA 2597-1] rails security update

2013-01-06 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2597-1 secur...@debian.org http://www.debian.org/security/ Nico Golde January 04, 2013