Full Disclosure

Syndicate content
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 3 min 43 sec ago

NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:56

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software: [NextScripts: Social Networks
Auto-Poster](https://wordpress.org/plugins/social-networks-auto-poster-facebook-twitter-g/)
* Affected Version: 4.2.7
* Patched Version: 4.2.8
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/25/2018
* Vendor Fix: 11/02/2018
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

KingComposer 2.7.6 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:56

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software:
[KingComposer](https://wordpress.org/plugins/kingcomposer/)
* Affected Version: 2.7.6
* Patched Version: none
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/25/2018
* Vendor Fix: none
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

CarolinaCon-15 is April 26-28, 2019 in Charlotte NC - Call For Papers/Presenters is now open

5 February, 2019 - 15:56

Posted by Vic Vandal on Feb 05

We are pleased to announce that CarolinaCon-15 will be on April 26th-28th 2019 in Charlotte NC at the Renaissance
Charlotte Suites. All who are interested in speaking on any topic in the realm of hacking, cybersecurity, technology,
science, robotics or any related field are invited to submit a proposal to present at the con. Full disclosure that
technology or physical security exploitation type submissions are most desirable for this storied...

Give 2.3.0 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:56

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software: [Give](https://wordpress.org/plugins/give/)
* Affected Version: 2.3.0
* Patched Version: 2.3.1
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 11/24/2018
* Vendor Fix: 12/13/2018
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

Font_Organizer 2.1.1 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:56

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software:
[Font_Organizer](https://wordpress.org/plugins/font-organizer/)
* Affected Version: 2.1.1
* Patched Version: none
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/25/2018
* Vendor Fix: none
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

5 February, 2019 - 15:56

Posted by Tim Coen on Feb 05

* Vulnerability: XSS & CSRF
* Affected Software: [Contact Form
Email](https://wordpress.org/plugins/contact-form-to-email/)
* Affected Version: 1.2.65
* Patched Version: 1.2.66
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/31/2018
* Vendor Fix: 10/31/2018
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

## Reflected XSS

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

Blog2Social 5.0.2 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:55

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software:
[Blog2Social](https://wordpress.org/plugins/blog2social/)
* Affected Version: 5.0.2
* Patched Version: 5.0.3
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/25/2018
* Vendor Fix: 11/13/2018
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)

5 February, 2019 - 15:55

Posted by Tim Coen on Feb 05

* Vulnerability: XSS
* Affected Software: [Quiz And Survey
Master](https://wordpress.org/plugins/quiz-master-next/)
* Affected Version: 6.0.4
* Patched Version: none
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/25/2018
* Vendor Fix: none
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

##### CVSS

6.1 Medium
[CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](...

Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection (WordPress Plugin)

5 February, 2019 - 15:55

Posted by Tim Coen on Feb 05

* Vulnerability: Unauthenticated Persistent XSS, Blind SQL Injection
* Affected Software:
[Forminator](https://wordpress.org/plugins/forminator/)
* Affected Version: 1.5.4
* Patched Version: 1.6
* CVE: not requested
* Risk: High
* Vendor Contacted: 11/25/2018
* Vendor Fix: 12/10/2018
* Public Disclosure: 02/05/2019
* Credit: Tim Coen

## Unauthenticated Persistent XSS via poll

##### CVSS

7.2 High...

DSA-2019-010: Dell EMC VNX2 Family OS Command Injection Vulnerability

5 February, 2019 - 15:55

Posted by secure on Feb 05

DSA-2019-010: Dell EMC VNX2 Family OS Command Injection Vulnerability

Dell EMC Identifier: DSA-2019-010

CVE Identifier: CVE-2019-3704

Severity Rating: CVSS v3 Base Score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected products:
Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.236

Summary:
VNX Control Station in Dell EMC VNX2 is affected by an operating system (OS) command injection vulnerability...

[Multiple CVE] - Cisco Identity Services Engine unauth stored XSS to RCE as root

5 February, 2019 - 15:55

Posted by Pedro Ribeiro on Feb 05

Hi,

On January 20th, SSD disclosed 3 vulnerabilities found by Agile
Information Security in their Cisco Identity Services Engine (ISE) product.

These are unauth stored XSS, unsafe Java deserialization and privesc to
root, which when combined allow an unauthenticated attacker to achieve
remote code execution as root - as long as you can get an admin to visit
the ISE page vulnerable to stored XSS. This is my take on it.

Cisco has been incredibly...

SEC Consult SA-20190205-0 :: Multiple vulnerabilities in OSCI-Transport Library 1.2 for German e-Government

5 February, 2019 - 06:12

Posted by SEC Consult Vulnerability Lab on Feb 05

A blog post with further information has been released on this topic as well:
https://r.sec-consult.com/osci

SEC Consult Vulnerability Lab Security Advisory < 20190205-0 >
=======================================================================
title: Multiple vulnerabilities
product: OSCI-Transport Library 1.2 for German e-Government
vulnerable version: <=1.8.1
fixed version: 1.8.3
CVE number: -...

Reflected XSS in n SolarWinds Serv-U FTP Server

1 February, 2019 - 15:47

Posted by Chris on Feb 01

Issue: Reflected Cross-Site Scripting
CVE: CVE-2018-19934
Security researcher: Chris Moberly @ The Missing Link Security
Product name: Serv-U FTP Server
Product version: Tested on 15.1.6.25 (current as of Dec 2018)
Fixed in: Serv-U 15.1.6 hotfix 3

# Overview
The Serv-U FTP Server is vulnerable to a reflected cross-site scripting
attack at the following injection points:...

Privilege Escalation + Remote Code Execution in SolarWinds Serv-U FTP Server

1 February, 2019 - 15:47

Posted by Chris on Feb 01

CVE: CVE-2018-15906
Attack type: Remote, authenticated
Discovered by: Chris Moberly @ The Missing Link Security
Operating Systems: Verified on Win10 and Win2016
Vulnerable version: Tested on 15.1.6 (current as of August 2018).
Fixed in: Serv-U 15.1.6 Hotfix 2

# Description
SolarWinds Serv-U FTP Server is vulnerable to privilege escalation from remote
authenticated users by leveraging the CSV user import...

[CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities in Zimbra Collaboration

1 February, 2019 - 15:47

Posted by Sysdream Labs on Feb 01

# [CVE-2018-14013] Reflected Cross-Site Scripting (XSS) vulnerabilities
in Zimbra Collaboration

## Description

Two XSS vulnerabilities have been discovered in Zimbra Collaboration
(initially in version 8.8.8).
Zimbra Collaboration is an open source messaging and collaboration solution.

## Vulnerability records

**Access Vector**: Remote

**Security Risk**: Medium

**Vulnerability**: CWE-79

**CVSS Base Score**: 6.1

**CVSS String**:...

Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2

1 February, 2019 - 14:04

Posted by Daniel Bishtawi on Feb 01

Hello,

We are glad to inform you about the vulnerabilities we reported in WeBid
1.2.2.

Here are the details:

Advisory by Netsparker
Name: Multiple Reflected Cross-site Scripting Vulnerabilities in WeBid 1.2.2
Affected Software: WeBid
Affected Versions: 1.2.2
Homepage: http://www.webidsupport.com/
Vulnerability: Reflected Cross-site Scripting
Severity: High
Status: Not Fixed
CVSS Score (3.0): 6.3
Netsparker Advisory Reference: NS-18-053

For...

Reflected Cross-site Scripting Vulnerability in Collabtive 3.1

1 February, 2019 - 14:04

Posted by Daniel Bishtawi on Feb 01

Hello,

We are glad to inform you about the vulnerabilities we reported in
Collabtive 3.1.

Here are the details:

Advisory by Netsparker
Name: Reflected Cross-site Scripting in Collabtive 3.1
Affected Software: Collabtive
Affected Versions: 3.1
Homepage: https://www.collabtive.com/
Vulnerability: Reflected Cross-site Scripting
Severity: Medium
Status: Not Fixed
CVSS Score (3.0): AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Netsparker Advisory Reference:...

Multiple APIs Vulnerabilities in CUJO Firewall

1 February, 2019 - 14:02

Posted by CUJ0 FAIL on Feb 01

*TL;DR:* Despite CUJO Firewall is a cute device and quite challenging to
break from hardware hacking point of view... the APIs (which are just a
click away, once bypassed pinning and apk's obfuscation) suffer of
authorization bypass issues.
An attacker could easily enumerate all existing users, and for each of
them, create a new 24/7 schedule that will be automatically enabled and
will automatically pause internet.
Which will end up into a...

Re: Multiple Reflected Cross-site Scripting Vulnerabilities in Coppermine 1.5.46

29 January, 2019 - 18:52

Posted by Henri Salo on Jan 29

Fixed in 1.5.48. Vendor advisory: http://forum.coppermine-gallery.net/index.php/topic,79577.0.html

You might want to repeat your security testing on modified parts of the
application.

APPLE-SA-2019-1-24-1 iTunes 12.9.3 for Windows

25 January, 2019 - 14:38

Posted by Apple Product Security via Fulldisclosure on Jan 25

APPLE-SA-2019-1-24-1 iTunes 12.9.3 for Windows

iTunes 12.9.3 for Windows is now available and addresses the
following:

AppleKeyStore
Available for: Windows 7 and later
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6235: Brandon Azad

Core Media
Available for: Windows 7 and later
Impact: A malicious application may be able to...