[FD] SQL Buddy 1.3.3: CSRF

2015-11-02 Thread Curesec Research Team (CRT)
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SQL Buddy 1.3.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: n...@deliciousbrains.com Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to

[FD] TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks

2015-11-02 Thread Jing Wang
*TeleGraph All Photo (Picture) Pages Have Been Vulnerable to XSS Cyber Attacks* *Website Description:* http://www.telegraph.co.uk "The Daily Telegraph is a British daily morning English-language broadsheet newspaper, published in London by Telegraph Media Group and distributed throughout the

[FD] SQL Buddy 1.3.3: XSS

2015-11-02 Thread Curesec Research Team (CRT)
Security Advisory - Curesec Research Team 1. Introduction Affected Product: SQL Buddy 1.3.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: n...@deliciousbrains.com Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/18/2015 Disclosed to

[FD] Chyrp CMS 2.5.2: XSS

2015-11-02 Thread Curesec Research Team (CRT)
Security Advisory - Curesec Research Team 1. Introduction Affected Product: Chyrp CMS 2.5.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Github: https://github.com/chyrp/chyrp Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed

[FD] Winehat Security Conference

2015-11-02 Thread Lorenzo Primiterra
Hi all, if nobody has already posted it, I would like to link this new security event, which is going to be held in Italy but all in English, bringing together the Italian culture (food, wine, culture) and the InfoSec world. It will be held in Turin on November 7th and 8th in the Italian