[FD] PDF Converter Editor 2.1 iOS - File Include Vulnerability

2015-05-06 Thread Vulnerability Lab
Document Title: === PDF Converter Editor 2.1 iOS - File Include Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1480 Release Date: = 2015-05-06 Vulnerability Laboratory ID (VL-ID):

[FD] TORNADO Computer Trading CMS - SQL Injection Vulnerability

2015-05-06 Thread Vulnerability Lab
Document Title: === TORNADO Computer Trading CMS - SQL Injection Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1489 Release Date: = 2015-05-05 Vulnerability Laboratory ID (VL-ID):

[FD] [SE-2014-02] Some additional GAE Java security sandbox bypasses

2015-05-06 Thread Security Explorations
Hello All, Security Explorations released technical details and POC codes for additional security vulnerabilities found in Google App Engine for Java. All relevant materials can be found at our SE-2014-02 project details page: http://www.security-explorations.com/en/SE-2014-02-details.html

[FD] Alienvault OSSIM/USM Multiple Vulnerabilities

2015-05-06 Thread Peter Lapp
Details === Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities (XSS, SQLi, Command Execution) Author: Peter Lapp, lapp...@gmail.com CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix

[FD] pydio vulnerabilities

2015-05-06 Thread Just A Fake
Does anyone have any info on the two pydio vulnerabilities announced today? They have been given CVE-2015-3431 and CVE-2015-3432 but a search on mitre just says those are reserved. There is no information or explanation about what the issues are.