SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by Vulnerability Lab on Mar 07

Document Title:
===============
Sparkasse - Multiple Persistent Cross Site Scripting Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2173

Release Date:
=============
2019-03-07

Vulnerability Laboratory ID (VL-ID):
====================================
2173

Common Vulnerability Scoring System:
====================================
4.6

Vulnerability Class:
====================...

Posted by Ryan Delaney on Mar 05

<!--
# Exploit Title: Sagemcom router insufficient default PSK entropy
# Date: 4-3-2019
# Exploit Author: Ryan Delaney
# Author Contact: ryan.delaney () owasp org
# Author LinkedIn: https://www.linkedin.com/in/infosecrd/
# Vendor Homepage: https://www.sagemcom.com/
# Software Link: N/A
# Version: 0.4.39
# Tested on: 0.4.39
# CVE: CVE-2019-9555

1. Description

Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly
others), in WPA...

Posted by Jan Kopriva on Mar 05

Affected Software: Babel: Multilingual Site module for CMS Made Simple
Affected Version: 0.4.1 and earlier
Patched Version: None - project is no longer under development
CVE Identifier: TBD
Vulnerability type: CWE-601: URL Redirection to Untrusted Site ('Open
Redirect')
Severity Rating: CVSS v3 Base Score: 6.1
(AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Security Researcher: Jan Kopriva @ Alef Nula

Summary:
The Babel multi-language module...

Posted by Henri Salo on Mar 05

Please use CVE-2019-9567 for XSS vulnerability and CVE-2019-9568 for
SQL-injection vulnerability.

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Fiori
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
Use CVE-2018-17865

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from...

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Fiori
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
CVE-2018-17864

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from Biznet...

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Fiori
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
CVE-2018-17864

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from Biznet...

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Fiori
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
CVE-2018-17862

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from Biznet...

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Portal/EPP
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
CVE-2018-17862

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from...

Posted by Ece örsel on Mar 05

I. VULNERABILITY
-------------------------
SAP J2EE Engine/7.01/Portal/EPP
Reflected Cross Site Scripting (XSS)

II. CVE REFERENCE
-------------------------
CVE-2018-17861

III. VENDOR
-------------------------
https://www.sap.com

IV. TIMELINE
-------------------------
10/08/2018 Vulnerability discovered
12/07/2018 Vendor contacted
19/07/2018 SAP reply that SAP J2EE engine/7.01 end of support

V. CREDIT
-------------------------
Ece Orsel from...

Posted by secure on Mar 01

DSA-2019-038: RSA® Authentication Manager Insecure Credential Management Vulnerability

Dell EMC Identifier: DSA-2019-038

CVE Identifier: CVE-2019-3711

Severity Rating: 5.8 (AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N)

Affected Products:

• RSA® Authentication Manager version 8.4 and earlier

Summary:
RSA Authentication Manager contains a vulnerability associated with insecure credential management.
Details:
The Operations Console...

Posted by secure on Mar 01

DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities

Dell EMC Identifier: DSA-2019-025

CVE Identifier: CVE-2019-3705, CVE-2019-3706

Severity Rating: See below for scores of individual CVEs

Affected Products:

RSA Archer versions prior to 6.5 P1 (CVE-2019-3705)
RSA Archer versions prior to 6.5 P2 (CVE-2019-3706)

Summary:
RSA Archer has fixes available for multiple security vulnerabilities that could potentially be exploited by...

Posted by Rafael Pedrero on Mar 01

In 2009...

<!--
# Exploit Title: Cross Site Scripting in PRTG Network Monitor v7.1.3.3378
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.paessler.com/prtg
# Software Link: http://www.paessler.com/prtg
# Version: PRTG Network Monitor v7.1.3.3378
# Tested on: All
# CVE : CVE-2019-9206
# Category: webapps

1. Description

PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm,
errormsg or...

Posted by Axel Boesenach on Mar 01

Dear reader,

I am not sure if I am contacting through the right email address but someone said I should e-mail you guys.

I found an RCE functionality in the Apache UNO API which could give an attacker control over a machine, or use a
machine already compromised in the network to exfiltrate data, etc.

The company that posted this issue on their blog is the company I did my internship. Copy-paste from the advisory on
there:

[START OF...

Posted by RedForce Advisory on Mar 01

RedForce Advisory
https://redforce.io

## ِAdvisory Information
Title: SHAREit For Android <= 4.0.38 Multiple Vulnerabilities
Advisory URL:
https://blog.redforce.io/shareit-vulnerabilities-enable-unrestricted-access-to-adjacent-devices-files/
Date published: 2019-02-25
Date of last update: 2019-02-25
Vendors contacted: Beijing Shareit Information Technology Co., Ltd.

## Introduction

SHAREit for Android is a popular application used for file...

Posted by advisories on Mar 01

SecureAuth - SecureAuth Labs Advisory
http://www.secureauth.com/

Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2

1. *Advisory Information*

Title: Cisco WebEx Meetings Elevation of Privilege Vulnerability Version 2
Advisory ID: CORE-2018-0012
Advisory URL:
http://www.secureauth.com/labs/advisories/cisco-webex-meetings-elevation-privilege-vulnerability-version-2
Date published: 2019-02-27
Date of last update: 2019-02-27...

Posted by Asterisk Security Team on Feb 28

Asterisk Project Security Advisory - AST-2019-001

Product Asterisk
Summary Remote crash vulnerability with SDP protocol
violation
Nature of Advisory Denial Of Service
Susceptibility Remote Authenticated Sessions...

Posted by Stefan Kanthak on Feb 26

Hi @ll,

Microsoft just announced the general availability of their
"Windows Defender Advanced Threat Protection/Endpoint Protection & Response"
for their "downlevel" operating systems Windows 7 and Windows 8.1:
https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Windows-Defender-ATP-s-EDR-capability-for-Windows-7-and-Windows/ba-p/355535

This announcement ends in

| For more information on how you can onboard...

Posted by Rafael Pedrero on Feb 26

<!--
# Exploit Title: Blind SQL injection in SQLiteManager 1.2.0 (and 1.2.4)
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.sqlitemanager.org/
# Software Link: http://www.sqlitemanager.org/
# Version: SQLiteManager 1.2.0 (and 1.2.4)
# Tested on: All
# CVE : CVE-2019-9083
# Category: webapps

1. Description

SQLiteManager 1.2.0 (and 1.2.4) allows SQL injection via the
/sqlitemanager/main.php dbsel parameter....

Posted by Sebastian Neef on Feb 26

The SVG library nanosvg [0] suffers from a memory corruption bug that can lead to at least DoS.

The bug exists in the `nsvg__parseColorRGB` function, which can be reached by parsing a malicious SVG file through
`nsvgParseFromFile` or `nsvgParse`. This should also affect libraries/packages that provide bindings to nanosvg, for
example:

- Lua: https://github.com/iongion/lunavg
- Python: https://github.com/ethanhs/pynanosvg
- Java:...