Vulnerability title: Arbitrary file read
CVE: CVE-2014-3225
Vendor: Cobbler
Product: Cobbler
Affected version: =2.6.0
Fixed version: N/A
Reported by: Dolev Farhi
VULNERABILITY Details:
In all Cobbler versions (= 2.6.0)
Vulnerability title: Multiple Stored Cross-Site scripting
CVE: CVE-2014-3111
Vendor: FOG Project
Product: FOG Imaging system
Affected version: 0.27 – 0.32 (latest)
Fixed version: N/A
Reported by: Dolev Farhi
VULNERABILITY Details:
Pedro,
I think you misinterpreted the article. I can see how his writing style can be
confusing with all the joking and contradictions throughout. I had to reread it
twice to make sure I was taking away what was intended.
Just to be clear though, I agree and don't think it really adds value
Document Title:
Paypal Inc Bug Bounty #109 MOS - Bypass Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1050
PayPal Security UID: Pq115cey
Release Date:
2014-05-14
Vulnerability Laboratory
Hi!
eInstruction sells, among others, electronic whiteboards. They also
provide Linux software for these, including a user land driver of
sorts called Workspace. If the installation of that software succeeds,
it will change /etc/sudoers to add the