*NetCat CMS Multiple Remote File Inclusion (RFI) Security Vulnerabilities*
Exploit Title: NetCat CMS Multiple Remote File Inclusion (RFI) Security
Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
Piwik is an open-source web analytics tool. Its updater downloads and
executes PHP code over an insecure (not-HTTPS) connection. The issue was
reported on the public GitHub tracker in October of 2014 and remains
unfixed.
https://github.com/piwik/piwik/issues/6441
Code signing is implemented, but
*Comsenz SupeSite CMS Reflected XSS (Cross-site Scripting) Security
Vulnerabilities*
Exploit Title: Comsenz SupeSite CMS /cp.php do parameter Reflected XSS
Security Vulnerabilities
Product: SupeSite CMS (Content Management System)
Vendor: Comsenz
Vulnerable Versions: 6.0.1UC 7.0
Tested
*NetCat CMS Multiple URL Redirection (Open Redirect) Security
Vulnerabilities*
Exploit Title: NetCat CMS Multiple URL Redirection Security Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
I. VULNERABILITY
-
XSS Reflected vulnerabilities in Fortimail version 5.2.1
II. BACKGROUND
-
Fortinet’s industry-leading, Network Security Platforms deliver Next
Generation Firewall (NGFW) security with exceptional throughput, ultra
low latency, and
It seems was fixed.
HTTP/1.1 200 OK
Date: Sun, 01 Mar 2015 22:21:31 GMT
Server: Apache-Coyote/1.1
Content-Disposition: attachment; filename=autocomplete.txt
Content-Type: application/x-suggestions+json;charset=UTF-8
Content-Language: en-US
Content-Length: 34
Keep-Alive: timeout=5, max=69
GDS LABS ALERT: CVE-2015-2080
JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server
SYNOPSIS
Gotham Digital Science discovered a critical information leakage
vulnerability in the Jetty web server that allows an unauthenticated remote
attacker to read arbitrary data
Hello list!
There are Abuse of Functionality and Brute Force vulnerabilities in
Hikvision DS-7204HWI-SH.
-
Affected products:
-
Vulnerable is the next model: Hikvision DS-7204HWI-SH with different
versions of firmware.
--
Details: