[FD] Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities

2015-05-08 Thread Vulnerability Lab
Document Title: Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1482 Release Date: 2015-05-08 Vulnerability Laboratory ID (VL-ID):

Re: [FD] pydio vulnerabilities

2015-05-08 Thread Julius Kivimäki
https://github.com/pydio/pydio-core/commits/develop https://github.com/pydio/pydio-core/commit/2049254e7a215491019d2646a274a8fb1cf29e3b 2015-05-07 1:32 GMT+03:00 Just A Fake robottomonitorbugt...@gmail.com: Does anyone have any info on the two pydio vulnerabilities announced today? They

[FD] MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities

2015-05-08 Thread Jing Wang
*MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities* Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Security Vulnerabilities Product: Web-Design Vendor: MT.VERNON MEDIA Vulnerable Versions: v1.12 Tested Version: v1.12 Advisory

[FD] Docker 1.6.1 - Security Advisory [150507]

2015-05-08 Thread Eric Windisch
Docker Engine version 1.6.1 has been released to address several vulnerabilities and is immediately available for all supported platforms. Users are advised to upgrade existing installations of the Docker Engine and use 1.6.1 for new installations. It should be noted that each of the

[FD] SAP vulnerabilities highlighted in many reports such as HP Cyber Risk Report 2015

2015-05-08 Thread Darya Maenkova
Recently, HP published their yearly Cyber Risk Report 2015 (http://info.hpenterprisesecurity.com/LP_460192_Cross_CyberriskFullReport_0315_gate ). Having many typical things spotlighted in this report such as growing number of ATM and IOT Security buzz you can find everywhere, ERPScan found

[FD] MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities

2015-05-08 Thread Jing Wang
*MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities* Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple XSS Security Vulnerabilities Product: Web-Design Vendor: MT.VERNON MEDIA Vulnerable Versions: v1.12 Tested Version: v1.12 Advisory

[FD] MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities

2015-05-08 Thread Jing Wang
*MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities* Exploit Title: MT.VERNON MEDIA Web-Design v1.12 gallery.php? category parameter HTML Injection Security Vulnerabilities Product: Web-Design v1.12 Vendor: MT.VERNON MEDIA Vulnerable Versions: v1.12 Tested Version:

Re: [FD] Alienvault OSSIM/USM Multiple Vulnerabilities

2015-05-08 Thread Peter Lapp
Shortly after I posted this I received an email from Alienvault stating that a fix is imminent and is planned to be released next week in version 5.0.2. Thanks to AV for getting back to me on this. On Tue, May 5, 2015 at 9:21 PM, Peter Lapp lapp...@gmail.com wrote: Details === Product:

[FD] Yet Another Related Posts Plugin (YARPP) 4.2.4 CSRF - XSS - RCE

2015-05-08 Thread Evex ola
'Yet Another Related Posts Plugin' options can be updated with no token/nonce protection which an attacker may exploit via tricking website's administrator to enter a malformed page which will change YARPP options, and since some options allow html the attacker is able to inject malformed

Re: [FD] AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%

2015-05-08 Thread Hector Marco-Gisbert
Hi, PaX solution has actually 16 random bits for mmap objects in 32bit systems on non affected systems. On affected systems the random bits are degraded to 2^13. Unfortunately, depending on the PaX Kernel configuration sequence, some features may not be enabled. There are sequences of PaX

[FD] Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

2015-05-08 Thread Jing Wang
*Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities* Exploit Title: Feed2JS v1.7 magpie_debug.php? url parameter XSS Security Vulnerabilities Product: Feed2JS Vendor: feed2js.org Vulnerable Versions: v1.7 Tested Version: v1.7 Advisory Publication: May 09, 2015 Latest Update: