[FD] CVE Request: CSRF in wordpress copysafe web allows attacker changes plugin settings

2017-04-07 Thread Wester 95
Hi team, I would like to request one CVE ID, thank you! Details === Software: CopySafe Web version: <2.6 description: Add copy protection from PrintScreen and screen capture. Copysafe Web uses encrypted images and domain lock to extend copy protection for all media displayed on a web pa

[FD] CVE Request: Multiple CSRF in WordPress WHIZZ allow attackers to delete any wordpress users and change plugins status

2017-04-07 Thread Wester 95
Hi team, I would like to request one CVE id, thank you! Details == Software: WordPress WHIZZ Version: <1.1.1 Homepage: https://wordpress.org/plugins/whizz/ === Description Get type CSRF in WordPress WHIZZ allows attackers to delete any wordpress users

[FD] CVE Request: Multiple CSRF vulnerabilities in e107 CMS 2.1.4

2017-04-07 Thread Wester 95
Hi team, I would like to request one CVE ID with some issues of e107 CMS. == Title: Multiple CSRF vulnerabilities in e107 CMS 2.1.4 Author: Zhiyang Zeng Product: — e107 is a powerful website content management system designed for bootstrap v3 from http://e107.

[FD] DragonWave Horizon Hard-coded Credentials Vulnerability (multiple versions)

2017-04-07 Thread Ian Ling
[+] Credits: Ian Ling [+] Website: iancaling.com [+] Source: http://blog.iancaling.com/post/159276197313 Vendor: = http://www.dragonwaveinc.com/ Product: == -DragonWave Horizon Vulnerability Details: = DragonWave Horizon wireless radios ha

[FD] Carlo Gavazzi VMUC-EM - Multiple Vulnerabilities

2017-04-07 Thread Karn Ganeshen
*VMU-C Web-Server solution for photovoltaic applications* VMU-C EM is a data logger system for small to medium projects, VMUC-Y EM is a hardware data aggregator for medium to larger projects and Em2 Server is a software solution for large projects. They are designed to complement the extensive lin

[FD] Cambium SNMP Security Vulnerabilities

2017-04-07 Thread Karn Ganeshen
Cambium SNMP Security Vulnerabilities AFFECTED PRODUCTS Cambium ePMP 1000 Cambium ePMP 2000 Cambium PMP XXX Cambium ForceXXX models Potentially all other models IMPACT These vulnerabilities may allow an attacker to access device configuration as well as make unauthorized changes to the device c

[FD] SenNet Data Logger appliances and Electricity Meters Multiple Vulnerabilities

2017-04-07 Thread Karn Ganeshen
SenNet Data Logger appliances and Electricity Meters Multiple Vulnerabilities Note: Vendor has released the fix. Details to be documented in ICS-CERT Advisory. About SenNet is a trademark of Satel Spain that offers monitoring and remote-control solutions for businesses. Our engineers develop, int

[FD] Sielco Sistemi Winlog SCADA Software Insecure Library Loading Allows Code Execution

2017-04-07 Thread Karn Ganeshen
Sielco Sistemi Winlog SCADA Software Insecure Library Loading Allows Code Execution Vendor: Sielco Sistemi Equipment: Winlog SCADA Software Vulnerability: Uncontrolled Search Path Element ICS-CERT Advisory https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01 AFFECTED PRODUCTS The following Si

[FD] LAquis SCADA Access Control Vulnerability

2017-04-07 Thread Karn Ganeshen
LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA Access Control Vulnerability Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerability: Improper Access Control ICS-CERT Advisory https://ics-cert.us-cert.gov/advisories/IC

[FD] Executable installers are vulnerable^WEVIL (case 49): 1Password-4.6.1.619.exe allows arbitrary code execution

2017-04-07 Thread Stefan Kanthak
Hi @ll, 1Password-4.6.1.619.exe, available from is vulnerable to DLL hijacking: it loads UXTheme.dll or DWMAPI.dll from its "application directory" instead Windows "system directory". For downloaded applications like 1Pa

[FD] DAVOSET v.1.3.1

2017-04-07 Thread MustLive
Hello participants of Mailing List. Since announcement of DAVOSET in 2010 and after making its public release in 2013, I've made next update of the software. At 4th of April DAVOSET v.1.3.1 was released - DDoS attacks via other sites execution tool (http://websecurity.com.ua/davoset/). Video dem

[FD] SEC Consult SA-20170407-0 :: Server-Side Request Forgery in MyBB forum

2017-04-07 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20170407-0 > === title: Server Side Request Forgery (SSRF) Vulnerability product: MyBB vulnerable version: 1.8.10 fixed version: