*Webshop hun v1.062S Information Leakage (Full Path Disclosure - FPD)
Security Vulnerabilities*
Exploit Title: Webshop hun v1.062S /index.php termid parameter Information
Leakage Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version:
Java 8u40 includes adware on OS X for the first time ever:
http://www.zdnet.com/article/oracle-extends-its-adware-bundling-to-include-java-for-macs/
Sorry for the poor quality of the link; I don't have time to find a better one.
— Alex
El 06/03/2015, a les 21:02, paul.sz...@sydney.edu.au va
*WordPress Daily Edition Theme v1.6.2 Unrestricted Upload of File Security
Vulnerabilities*
Exploit Title: WordPress Daily Edition Theme v1.6.2 /thumb.php src
Parameter Unrestricted Upload of File Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable
On 03/ 6/15 12:02 PM, paul.sz...@sydney.edu.au wrote:
I notice that Java (JDK, JRE) update 8u40 has been released.
Though
http://www.oracle.com/technetwork/java/javase/downloads/index.html
says this release includes important security fixes ...
My reading of the first WWW page is that only
Maybe the major change is that they’re including the Ask toolbar in all
releases now, not just the windows one? :)
The unwelcome Ask extension shows up as part of the installer if a Mac user
downloads Java 8 Update 40 for the Mac. In my tests on a Mac running that
latest release of OS X, the
James Hodgkinson wrote:
Maybe the major change is that they're including the Ask toolbar in
all releases now, not just the windows one? :)
Indeed!
The unwelcome Ask extension shows up as part of the installer if a Mac
user downloads Java 8 Update 40 for the Mac. In my tests on a Mac
*WordPress Daily Edition Theme v1.6.2 SQL Injection Security
Vulnerabilities*
Exploit Title: WordPress Daily Edition Theme v1.6.2 /fiche-disque.php id
Parameters SQL Injection Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.2
Tested
Hello list!
There are Cross-Site Scripting and Cross-Site Request Forgery
vulnerabilities in ASUS Wireless Router RT-G32.
-
Affected products:
-
Vulnerable is the next model: ASUS RT-G32 with different versions of
firmware. I checked in ASUS
Alan Coopersmith alan.coopersm...@oracle.com wrote (and he should
know!):
Java 8u40 is a feature release that's been planned for almost a year,
not a special out of band bug fix release.
http://openjdk.java.net/projects/jdk8u/releases/8u40.html