Advisory: Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5
Advisory ID: SROEADV-2014-03
Author: Steffen Rösemann
Affected Software: CMS Contenido 4.9.x-4.9.5 (Release: 10th Dec 2014)
Vendor URL: http://www.contenido.org/de/
Vendor Status: fixed
CVE-ID: -
==
Vulnera
At least on the pile of RomPager 4.01 devices that I have access to,
they use straight HTTP authentication by default and do not use any
cookies from what I can see. That's not to say that there isn't
cookie handling code exposed in some way. It is also possible that
these devices have already be
https://nuitduhack.com/2015/cfp.html
If you’re reading this, you know what NDH and a CFP stands for, so I
won’t bother you that long.
Conference format: 45min, including 5 to 10min of Q&A
Submission: https://submit.hackerzvoice.net
Deadline: April 5th
Announcement: April 20th
Advisory: Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1
Advisory ID: SROEADV-2014-02
Author: Steffen Rösemann
Affected Software: CMS Serendipity v.2.0-rc1 (Release: 20th Dec 2014)
Vendor URL: http://www.s9y.org/
Vendor Status: fixed
CVE-ID: -
==
Vulnerabili
ObSecure ObSecure360 Unauthenticated SQL Injection Vulnerability
Release Date:
23-Dec-2014
Software:
ObSecure 360
http://obsecure.com.au/Solutions.html
"obsecure is an innovative cyber security software company that provides
high
security information distribution and transfer solutions th