[FD] Joomla SecurityCheck extension - Multiple vulnerabilities

2016-06-01 Thread Gökmen GÜREŞÇİ
Information -- Advisory by ADEO Security Team Name: Stored XSS and SQL Injection in Joomla SecurityCheck extension Affected Software : SecurityCheck and SecurityCheck Pro Vulnerable Versions: 2.8.9 (possibly below) Vendor Homepage :

[FD] CVE-2016-3670 Stored Cross Site Scripting in Liferay CE

2016-06-01 Thread Fernando Camara
Fernando Câmara @ Integrity S.A www.integrity.pt https://twitter.com/overflowy https://labs.integrity.pt/advisories/cve-2016-3670/ --- CVE-2016-3670 Stored Cross Site Scripting in Liferay CE 1. Vulnerability Properties Title: Stored Cross-Site Scripting Liferay CE CVE ID: CVE-2016-3670

[FD] XSS in CMSimple <= v4.6.2

2016-06-01 Thread Manuel Garcia Cardenas
MGC ALERT 2016-004 - Original release date: May 28, 2016 - Last revised: June 1, 2016 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 (CVSS Base Score) I. VULNERABILITY

[FD] MitM Attack against KeePass 2's Update Check

2016-06-01 Thread Bogner Florian
MitM Attack against KeePass 2's Update Check Metadata === Release Date: 02-03-2016 Author: Florian Bogner @ Kapsch BusinessCom AG (https://www.kapsch.net/kbc) Affected versions: all tested versions up to the current 2.33 Tested on: Windows 7 CVE :

[FD] Faraday v1.0.20 is here! New conflict resolution, hosts and services views & bug fixes!

2016-06-01 Thread Francisco Amato
A brand new Faraday version is ready! Faraday v1.0.20 is here, bringing more functionality to our GTK interface and other cool new features. If you've been keeping up with Faraday, on our last release http://blog.infobytesec.com/2016/04/prepare-warm-welcome-for-faraday-v1019.html we published a

[FD] Defense in depth -- the Microsoft way (part 40): seven+ year old "blended" threat still alive and kicking

2016-06-01 Thread Stefan Kanthak
Hi @ll, a looong time ago Microsoft "addressed" a so called "blended" threat: Internet Explorer loaded and executed DLLs placed on the user's desktop. See (titled "Blended Threat from Combined Attack Using Apple's Safari on the Windows