Title: Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1
leads to root
Author: Larry W. Cashdollar, @_larry0
Date: 2020-02-02
CVE-2020-14724
Download Site: https://docs.oracle.com/cd/E37838_01/html/E69250/useddu.html
Vendor: Oracle, fixed in July 14 2020 CPU
https
/mobile_plugin_exploit.sh
URL: http://www.vapidlabs.com/advisory.php?v=178
Credit: Larry W. Cashdollar, @_larry0
___
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Hello All,
These are really great advisories, my only wish is that they were copied to the
security lists in their entirety. This way we aren't relying on a single point
of failure (your website) when looking for the data in the future.
Thanks!
Larry
> On Nov 19, 2016, at 5:48 AM, Summer of
Title: /tmp race condition in Teradata Studio Express v15.12.00.00
studioexpressinstall
Author: Larry W. Cashdollar, @_larry0
Date: 2016-10-03
Download Site:
http://downloads.teradata.com/download/tools/teradata-studio-express
Vendor: Teradata
Vendor Notified: 2016-10-03
Vendor Contact: web form
Title: Teradata Virtual Machine Community Edition v15.10 Insecure creation of
files in /tmp
Author: Larry W. Cashdollar, @_larry0
Date: 2016-10-01
Download Site:
http://downloads.teradata.com/download/database/teradata-virtual-machine-community-edition-for-vmware
Vendor: Teradata
Vendor Notified
Title: Teradata Virtual Machine Community Edition v15.10 has insecure file
permission
Author: Larry W. Cashdollar, @_larry0
Date: 2016-10-01
Download Site:
http://downloads.teradata.com/download/database/teradata-virtual-machine-community-edition-for-vmware
<http://downloads.teradata.
Title: Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-16
Download Site: http://huge-it.com/joomla-portfolio-gallery/
Vendor: huge-it.com
Vendor Notified: 2016-09-17
Vendor Contact: i...@huge-it.com
Description: Huge
Title: Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-16
Download Site: http://huge-it.com/joomla-catalog/
Vendor: huge-it.com
Vendor Notified: 2016-09-17
Vendor Contact: i...@huge-it.com
Description:
Huge-IT Product Catalog
Title: XSS and SQLi in huge IT gallery v1.1.5 for Joomla
Fixed: v1.1.7
Author: Larry W. Cashdollar, @_larry0 and Elitza Neytcheva, @ElitzaNeytcheva
Date: 2016-07-14
Download Site:
http://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-pro
Vendor: huge-it.com
Vendor
Title: Local root vulnerability in DeleGate v9.9.13
Author: Larry W. Cashdollar, @_larry0
Date: 2015-12-17
Advisory: http://www.vapidlabs.com/advisory.php?v=159
Download Sites: http://delegate.hpcc.jp/delegate/
http://delegate.org/delegate/
Vendor: National Institute of Advanced Industrial
On Jul 16, 2015, at 8:18 PM, Larry W. Cashdollar lar...@me.com wrote:
Title: Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-09
Download Site: https://wordpress.org/plugins/mailcwp/
Vendor: CadreWorks Pty Ltd
Vendor
Title: Remote file upload vulnerability in mailcwp v1.99 wordpress plugin
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-09
Download Site: https://wordpress.org/plugins/mailcwp/
Vendor: CadreWorks Pty Ltd
Vendor Notified: 2015-07-09 fixed in v1.110
Vendor Contact: Contact Page via WP site
Title: Remote file download vulnerability in Wordpress Plugin image-export v1.1
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-01
Download Site: https://wordpress.org/plugins/image-export
Vendor: www.1efthander.com
Vendor Notified: 2015-07-05
Vendor Contact: https://twitter.com/1eftHander
Title: Remote file upload vulnerability SQLi in wordpress plugin
wp-powerplaygallery v3.3
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-27
Download Site: https://wordpress.org/plugins/wp-powerplaygallery
Vendor: WP SlideShow
Vendor Notified: 2015-06-29
Advisory: http://www.vapid.dhs.org
Title: Remote file download vulnerability in Wordpress Plugin wp-swimteam
v1.44.10777
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-02
Download Site: https://wordpress.org/plugins/wp-swimteam
Vendor: Mike Walsh www.MichaelWalsh.org
Vendor Notified: 2015-07-02, fixed in v1.45beta3
Vendor
Title: SQL Injection in easy2map-photos wordpress plugin v1.09
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-08
Download Site: https://wordpress.org/plugins/easy2map-photos
Vendor: Steven Ellis
Vendor Notified: 2015-06-08, fixed in v1.1.0
Vendor Contact: https://profiles.wordpress.org
Title: Remote file download vulnerability in wordpress plugin
wp-ecommerce-shop-styling v2.5
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-05
Download Site: https://wordpress.org/plugins/wp-ecommerce-shop-styling
Vendor: https://profiles.wordpress.org/haet/
Vendor Notified: 2015-07-05
Title: Remote file download in Wordpress Plugin mdc-youtube-downloader v2.1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-07-01
Download Site: https://wordpress.org/plugins/mdc-youtube-downloader
Vendor: https://profiles.wordpress.org/mukto90/
Vendor Notified: 2015-07-01, removed vulnerable
Title: SQL Injection in easy2map wordpress plugin v1.24
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-08
Download Site: https://wordpress.org/plugins/easy2map
Vendor: Steven Ellis
Vendor Notified: 2015-06-08, fixed in v1.25
Vendor Contact: https://profiles.wordpress.org/stevenellis/
Advisory
Title: Remote file download vulnerability in download-zip-attachments v1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-10
Download Site: https://wordpress.org/plugins/download-zip-attachments/
Vendor: rivenvirus
Vendor Notified: 2015-06-15
Vendor Contact: https://profiles.wordpress.org
Title: Arbitrary File download in wordpress plugin wp-instance-rename v1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-12
Download Site: https://wordpress.org/plugins/wp-instance-rename/
Vendor: Vlajo
Vendor Notified: 2015-06-12
Advisory: http://www.vapid.dhs.org/advisory.php?v=127
Vendor
Title: Remote file upload vulnerability in
aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-07
Download Site:
https://wordpress.org/plugins/aviary-image-editor-add-on-for-gravity-forms
Vendor: Waters Edge Web Design
Title: Remote file upload vulnerability in wordpress plugin
videowhisper-video-presentation v3.31.17
Author: Larry W. Cashdollar, @_larry0
Date: 2015-03-29
Download Site: https://wordpress.org/plugins/videowhisper-video-presentation/
Vendor: http://www.videowhisper.com/
Vendor Notified: 2015-03
#!/bin/bash
#Larry W. Cashdollar, @_larry0
#Will brute force and search a Wordpress target site with WP-DB-Backup v2.2.4
plugin installed for any backups done on
#20141031 assumes the wordpress database is wordpress and the table prefix is
wp_
#http://www.vapid.dhs.org/advisories/wordpress
I stumbled on to this while setting up an android vulnerability testing lab.
Title: Rooted SSH/SFTP Daemon Default Login Credentials
Author: Larry W. Cashdollar, @_larry0
OSVDB-ID: 110742
Date: 9/2/2014
Download: https://play.google.com/store/apps/details?id=web.oss.sshsftpDaemon
Title: Remote Command Injection in Ruby Gem sfpagent 0.4.14
Date: 4/15/2014
Author: Larry W. Cashdollar, @_larry0
CVE: 2014-2888
Download: http://rubygems.org/gems/sfpagent
Vulnerability
The list variable generated from the user supplied JSON[body] input is passed
directly to the system
26 matches
Mail list logo