from:"ISecAuditors Security Advisories"

[Full-disclosure] [ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com)

2014-02-14 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2014-001 - Original release date: February 4, 2014 - Last revised: February 4, 2014 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) - CVE-ID: -

[Full-disclosure] [ISecAuditors Security Advisories] Multiple reflected XSS vulnerabilities in Atmail WebMail

2014-02-06 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-014 - Original release date: March 25th, 2013 - Last revised: March 25th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-6229

[Full-disclosure] [ISecAuditors Security Advisories] SQL Injection vulnerability in Project'Or RIA allow arbitrary access to the database and the file system

2013-11-05 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-017 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-6164

[Full-disclosure] [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in Project'Or RIA

2013-11-05 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-018 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-6163

[Full-disclosure] [ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability

2013-11-05 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-005 - Original release date: 3rd March 2013 - Last revised: 10th March 2013 - Discovered by: Eduardo Garcia Melia - Severity: 5.2/10 (CVSS Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen = 1.3.0

2013-06-04 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-009 - Original release date: March 15th, 2013 - Last revised: June 4th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) - CVE-ID: CVE-2013-2621, CVE-2013-2623,

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery = v1.8.9

2013-04-06 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-012 - Original release date: March 19th, 2013 - Last revised: April 6th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 (CVSS Base Score) - CVE-ID: CVE-2013-2631

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail = v7.0.2

2013-03-27 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-004 - Original release date: March 9th, 2013 - Last revised: March 25th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) - CVE-ID: CVE-2013-2585

[Full-disclosure] [ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn

2013-03-26 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-001 - Original release date: January 30th, 2013 - Last revised: March 25th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in LinkedIn Investors

2013-03-26 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-006 - Original release date: 4th March 2013 - Last revised: 25th March 2013 - Discovered by: Eduardo Garcia Melia - Severity: 4.3/10 (CVSS Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics

2013-03-11 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2013-002 - Original release date: January 22nd, 2013 - Last revised: March 10th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Multiple vulnerabilities in Zyncro social network

2011-09-22 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2011-003 - Original release date: 13th September 2011 - Last revised: 22nd September 2011 - Discovered by: Ferran Pichel - Severity: 7.5/10 (CVSSv2 Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Facebook social network vulnerable to Open Redirect

2011-07-22 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2011-001 - Original release date: 18th July 2011 - Last revised: 22nd July 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 6.8/10 (CVSSv2 Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Multiple vulnerabilities in Hi5.com social network

2011-05-02 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-11 - Original release date: 29th October 2010 - Last revised: 1st May 2011 - Discovered by: Eduardo Garcia Melia - Severity: 7.8/10 (CVSSv2 Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g

2011-05-02 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 (CVSS Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] SQL Injection and XSS in Motorito v2.0 Ni 483

2010-09-23 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-005 - Original release date: March 30th, 2010 - Last revised: September 23th, 2010 - Discovered by: Mario Diaz Caldera - Severity: 5.5/10 (CVSS Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Insecure Direct Object Reference in tuenti.com allow to read of any message user

2010-09-22 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-008 - Original release date: August 30th, 2010 - Last revised: September 21st, 2010 - Discovered by: Vicente Aguilera Diaz - Severity: 4/10 (CVSSv2 Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail v6.2.0

2010-09-22 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-009 - Original release date: August 30th, 2010 - Last revised: September 21st, 2010 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 (CVSSv2 Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Facebook Cross-Site Request Forgery vulnerability

2010-02-13 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-002 - Original release date: February 2nd, 2010 - Last revised: February 12th, 2010 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 (CVSS Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Facebook HTML and Script code injection vulnerability

2010-02-03 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2010-001 - Original release date: January 8th, 2010 - Last revised: February 3rd, 2010 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 (CVSS Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Simple PHP Blog = 0.5.1 Local File Include vulnerability

2009-12-19 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 (CVSS scored) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] PHP-Calendar = v1.1 'configfile' Remote and Local File Inclusion vulnerability

2009-12-19 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-011 - Original release date: October 13th, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3702 - Severity: 8.5/10 (CVSS Base Score)

[Full-disclosure] [ISecAuditors Security Advisories] Cisco ASA = 8.x VPN SSL module Clientless URL-list control bypass

2009-12-17 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-013 - Original release date: December 7th, 2009 - Last revised: December 16th, 2009 - Discovered by: David Eduardo Acosta Rodriguez - Severity: 4/10 (CVSS Base Score) =

[Full-disclosure] [ISecAuditors Security Advisories] Horde 3.3.5 PHP_SELF Cross-Site Scripting vulnerability

2009-12-17 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 (CVSS Base Score)

[Full-disclosure] [ISecAuditors Security Advisories] QuiXplorer =2.4.1beta Remote Code Execution vulnerability

2009-12-17 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-003 - Original release date: March 2nd, 2009 - Last revised: December 17th, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 (CVSS scored) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] WP-Forum = 2.3 SQL Injection vulnerabilities

2009-12-16 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-010 - Original release date: September 28th, 2009 - Last revised: December 15th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3703 - Severity: 8.5/10 (CVSS Base Score)

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.12 Multiple Full Path Disclosure vulnerabilities

2009-07-24 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-009 - Original release date: July 21st, 2009 - Last revised: July 23rd, 2009 - Discovered by: Juan Galiana Lara - Severity: 5/10 (CVSS Base Score) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] Gmail vulnerable to automated password cracking

2009-07-17 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-NNN - Original release date: July 7th, 2009 - Last revised: July 17th, 2009 - Discovered by: Vicente Aguilera Diaz - Severity: 4.5/10 (CVSS Base Score) = I.

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.12 Multiple XSS vulnerabilities in HTTP Headers

2009-07-02 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-007 - Original release date: June 30th, 2009 - Last revised: July 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 (CVSS Base Score) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.10 JA_Purity Multiple Persistent XSS

2009-06-05 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-006 - Original release date: April 5th, 2009 - Last revised: June 5th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.4/10 (CVSS Base Score) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] ModSecurity 2.5.9 remote Denial of Service (DoS)

2009-03-19 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-001 - Original release date: February 25th, 2009 - Last revised: March 19th, 2009 - Discovered by: Juan Galiana Lara - Severity: 7.8/10 (CVSS Base Scored) = I.

[Full-disclosure] [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

2009-03-11 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2009-004 - Original release date: December 3rd, 2008 - Last revised: March 10th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 (CVSS scored) = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] CSRF vulnerability in GMail service

2009-03-03 Thread ISecAuditors Security Advisories

= INTERNET SECURITY AUDITORS ALERT 2007-003 - Original release date: August 1st, 2007 - Last revised: January 11th, 2009 - Discovered by: Vicente Aguilera Diaz - Severity: 3/5 = I. VULNERABILITY

[Full-disclosure] [ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com)

[Full-disclosure] [ISecAuditors Security Advisories] Multiple reflected XSS vulnerabilities in Atmail WebMail

[Full-disclosure] [ISecAuditors Security Advisories] SQL Injection vulnerability in Project'Or RIA allow arbitrary access to the database and the file system

[Full-disclosure] [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in Project'Or RIA

[Full-disclosure] [ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen = 1.3.0

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery = v1.8.9

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail = v7.0.2

[Full-disclosure] [ISecAuditors Security Advisories] CSRF vulnerability in LinkedIn

[Full-disclosure] [ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in LinkedIn Investors

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics

[Full-disclosure] [ISecAuditors Security Advisories] Multiple vulnerabilities in Zyncro social network

[Full-disclosure] [ISecAuditors Security Advisories] Facebook social network vulnerable to Open Redirect

[Full-disclosure] [ISecAuditors Security Advisories] Multiple vulnerabilities in Hi5.com social network

[Full-disclosure] [ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g

[Full-disclosure] [ISecAuditors Security Advisories] SQL Injection and XSS in Motorito v2.0 Ni 483

[Full-disclosure] [ISecAuditors Security Advisories] Insecure Direct Object Reference in tuenti.com allow to read of any message user

[Full-disclosure] [ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail v6.2.0

[Full-disclosure] [ISecAuditors Security Advisories] Facebook Cross-Site Request Forgery vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] Facebook HTML and Script code injection vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] Simple PHP Blog = 0.5.1 Local File Include vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] PHP-Calendar = v1.1 'configfile' Remote and Local File Inclusion vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] Cisco ASA = 8.x VPN SSL module Clientless URL-list control bypass

[Full-disclosure] [ISecAuditors Security Advisories] Horde 3.3.5 PHP_SELF Cross-Site Scripting vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] QuiXplorer =2.4.1beta Remote Code Execution vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] WP-Forum = 2.3 SQL Injection vulnerabilities

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.12 Multiple Full Path Disclosure vulnerabilities

[Full-disclosure] [ISecAuditors Security Advisories] Gmail vulnerable to automated password cracking

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.12 Multiple XSS vulnerabilities in HTTP Headers

[Full-disclosure] [ISecAuditors Security Advisories] Joomla! 1.5.10 JA_Purity Multiple Persistent XSS

[Full-disclosure] [ISecAuditors Security Advisories] ModSecurity 2.5.9 remote Denial of Service (DoS)

[Full-disclosure] [ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

[Full-disclosure] [ISecAuditors Security Advisories] CSRF vulnerability in GMail service

33 matches

Site Navigation

Mail list logo

Footer information