Document Title:
===
Pimcore v3.0.5 CMS - Multiple Web Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1482
Release Date:
=
2015-05-08
Vulnerability Laboratory ID (VL-ID):
https://github.com/pydio/pydio-core/commits/develop
https://github.com/pydio/pydio-core/commit/2049254e7a215491019d2646a274a8fb1cf29e3b
2015-05-07 1:32 GMT+03:00 Just A Fake robottomonitorbugt...@gmail.com:
Does anyone have any info on the two pydio vulnerabilities announced today?
They
*MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security
Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection
Security Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory
Docker Engine version 1.6.1 has been released to address several
vulnerabilities and is immediately available for all supported platforms.
Users are advised to upgrade existing installations of the Docker Engine
and use 1.6.1 for new installations.
It should be noted that each of the
Recently, HP published their yearly Cyber Risk Report 2015
(http://info.hpenterprisesecurity.com/LP_460192_Cross_CyberriskFullReport_0315_gate
). Having many typical things spotlighted in this report such as
growing number of ATM and IOT Security buzz you can find everywhere,
ERPScan found
*MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web
Security Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple XSS Security
Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory
*MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security
Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 gallery.php? category
parameter HTML Injection Security Vulnerabilities
Product: Web-Design v1.12
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version:
Shortly after I posted this I received an email from Alienvault
stating that a fix is imminent and is planned to be released next week
in version 5.0.2.
Thanks to AV for getting back to me on this.
On Tue, May 5, 2015 at 9:21 PM, Peter Lapp lapp...@gmail.com wrote:
Details
===
Product:
'Yet Another Related Posts Plugin' options can be updated with no
token/nonce protection which an attacker may exploit via tricking website's
administrator to enter a malformed page which will change YARPP options,
and since some options allow html the attacker is able to inject malformed
Hi,
PaX solution has actually 16 random bits for mmap objects in 32bit systems on
non affected systems. On affected systems the random bits are degraded to 2^13.
Unfortunately, depending on the PaX Kernel configuration sequence, some features
may not be enabled. There are sequences of PaX
*Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities*
Exploit Title: Feed2JS v1.7 magpie_debug.php? url parameter XSS Security
Vulnerabilities
Product: Feed2JS
Vendor: feed2js.org
Vulnerable Versions: v1.7
Tested Version: v1.7
Advisory Publication: May 09, 2015
Latest Update:
11 matches
Mail list logo