Digital Forensics pros,
InfoSec pros,
h4x0rs,
stuff breakers,
g33k girls,
The first BloomCON Forensics and Security conference will be held February
5-6, 2016 in Bloomsburg, PA (USA). We are
now officially accepting presentation and workshop submissions for the
event. We will have two speaking a
SQLiteManager 1.2.4: Multiple XSS
Security Advisory – Curesec Research Team
1. Introduction
Affected Product: SQLiteManager 1.2.4
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: sqlitemana...@gmail.com
Vulnerability Type: XSS
Remote Exploita
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: TheHostingTool 1.2.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://thehostingtool.com/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: TheHostingTool 1.2.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://thehostingtool.com/
Vulnerability Type: SQL Injection
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: TheHostingTool 1.2.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://thehostingtool.com/
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: Quick.Cart 6.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: i...@opensolution.org
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public: 1
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: Quick.Cart 6.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: i...@opensolution.org
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/07/2015
Disclosed to public:
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: CubeCart 6.0.7
Fixed in: 6.0.8
Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip
Vendor Contact: sa...@cubecart.com
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: CubeCart 6.0.7
Fixed in: 6.0.8
Fixed Version Link: https://www.cubecart.com/thank-you/CubeCart-6.0.8.zip
Vendor Contact: sa...@cubecart.com
Vulnerability Type: Code Execution
Remote Exploitable: Yes
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: Supercali Event Calendar 1.0.8
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://supercali.inforest.com/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 09/01/20
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: Supercali Event Calendar 1.0.8
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://supercali.inforest.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: OpenCart 2.0.3.1
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: https://www.opencart.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to pu
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: MyWebSQL 3.6
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Website: http://mywebsql.net/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 09/01/2015
Disclosed to public: 10/
Security Advisory - Curesec Research Team
1. Introduction
Affected Product: MiniBB 3.1.1
Fixed in: 3.2
Fixed Version Link: http://www.minibb.com/download.php?file=minibb
Vendor Contact: secur...@minibb.com
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor:
Hi,
There are some news sites that confuse this Magento/Zend Framework
vulnerability with an old SOAP parser XXE vulnerability of CVE-2013-1643
in the PHP core which was fixed in PHP 5.4.13 in 2013.
The incorrect news may give a false sense of security to users with
newer PHP versions when in fact,
Hi lists,
I am glad to present a new release of this tool.
http://ufonet.03c8.net
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct
different attacks using: GET/POST, multithreading, proxies, origin
spoofing methods, cache evasion techniques, etc.
New options added are: