[FD] Sitefinity Enterprise v7.2.53 - Persistent UI Vulnerability

2015-01-13 Thread Vulnerability Lab
Document Title: Sitefinity Enterprise v7.2.53 - Persistent Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1369 Release Date: 2015-01-06 Vulnerability Laboratory ID (VL-ID):

[FD] SEC Consult SA-20150113-1 :: Privilege Escalation XSS Missing Authentication in Ansible Tower

2015-01-13 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20150113-1 title: Privilege Escalation XSS Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5

[FD] Reflecting XSS vulnerability in filemanager of CMS b2evolution v. 5.2.0

2015-01-13 Thread Steffen Rösemann
Advisory: Reflecting XSS vulnerability in CMS filemanager of b2evolution v. 5.2.0 Advisory ID: SROEADV-2014-09 Author: Steffen Rösemann Affected Software: CMS b2evolution v. 5.2.0 (Release-Date: 6th-Dec-2014) Vendor URL: http://b2evolution.net/ Vendor Status: did not respond to issue CVE-ID: -

Re: [FD] Snom SIP phones denial of service through HTTP

2015-01-13 Thread kape...@googlemail.com
The latest version is 8.7.3.25.9, there is no 8.7.4.X, yet. And yes, you missed something, (without the quotes) --data-binary @- This turns it into an HTTP POST request and uses the input from stdin. Otherwise you just do a regular HTTP GET which gets blocked because it's not authenticated. On