Security News

Re: Vulnerabilities in Zurmo 2.3.4

Full Disclosure - 8 January, 2019 - 13:02

Posted by Henri Salo on Jan 08

Did you request CVE(s) for this? How did you contact vendor?

Re: Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8

Full Disclosure - 8 January, 2019 - 13:02

Posted by Henri Salo on Jan 08

How did you contact vendor? Are you sure that they didn't fix this? Latest
version is 1.1.2 according to https://microweber.com/download. Do you plan to
follow-up on this or is this case closed from your point of view?

New Release: UFONet v1.2 - "Armageddon!"

Full Disclosure - 8 January, 2019 - 13:02

Posted by psy on Jan 08

Hi FD,

I am glad to present a new release of this tool:

- https://ufonet.03c8.net

"UFONet - is a toolkit designed to launch DDoS and DoS attacks."

See these links for more info:

- CWE-601:Open Redirect [1]
- OWASP:URL Redirector Abuse [2]
- Botnet requests schema [3]

---------

Main options are:

* DDoS (botnet) + DoS
* Auto-update
* Clean code
* Documentation with examples
* Web/GUI Interface
* Proxy to...

Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14

Full Disclosure - 8 January, 2019 - 13:01

Posted by Daniel Bishtawi on Jan 08

Hello,

We are glad to inform you about the vulnerabilities we reported in ZenPhoto
1.4.14.

Here are the details:

Advisory by Netsparker
Name: Multiple Cross-Site Scripting Vulnerabilities in ZenPhoto 1.4.14
Affected Software: ZenPhoto
Affected Versions: 1.4.14
Homepage: http://www.zenphoto.org/
Vulnerability: Cross-Site Scripting
Severity: Medium
Status: Fixed
CVE-ID: CVE-2018-20140
CVSS Score (3.0):...

Reflected Cross-site Scripting in Mantis 2.11.1

Full Disclosure - 8 January, 2019 - 13:01

Posted by Daniel Bishtawi on Jan 08

Hello,

We are glad to inform you about the vulnerabilities we reported in Mantis
2.11.1.

Here are the details:

Advisory by Netsparker
Name: Reflected Cross-site Scripting in Mantis 2.11.1
Affected Software: Mantis
Affected Versions: 2.11.1
Homepage: https://www.mantisbt.org/
Vulnerability: Cross-site Scripting
Severity: Medium
Status: Fixed
CVE-ID: CVE-2018-13055
CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Netsparker...

Re: Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8

Full Disclosure - 8 January, 2019 - 13:01

Posted by Daniel Bishtawi on Jan 08

Hi Henri,

There was no response after the details had been sent to
peter () microweber com as requested by Microweber (info () microweber com).
They did not follow up with an update on the status of the fix once the
technical details had been sent, as requested, and did not respond when we
tried to contact them. This is case closed from our point of view as the
technical details had been sent in April for an older version.

Regards,

Daniel...

CVSS is the worst compression algorithm ever

Daily Dave - 8 January, 2019 - 11:23

Posted by Dave Aitel on Jan 08

I wanted to take a few minutes and do a quick highlight of a paper from CMU-CERT which I think most people have missed
out on: https://resources.sei.cmu.edu/asset_files/WhitePaper/2018_019_001_538372.pdf

Towards Improving CVSS -
https://resources.sei.cmu.edu/asset_files/WhitePaper/2018_019_001_538372.pdf
SOFTWARE ENGINEERING INSTITUTE | CARNEGIE MELLON UNIVERSITY REV-03.18.2016.0 Distribution...

CSRF in MapSVG Lite could allow an attacker to do almost anything an admin can (WordPress plugin)

Full Disclosure - 8 January, 2019 - 05:03

Posted by dxw Security on Jan 08

Details
================
Software: MapSVG Lite
Version: 3.2.3
Homepage: https://en-gb.wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/
Advisory report: https://advisories.dxw.com/advisories/csrf-mapsvg-lite/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
CSRF in MapSVG Lite could allow an attacker to do almost anything an admin can

Vulnerability
================
The plugin uses...

DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability

Full Disclosure - 4 January, 2019 - 13:52

Posted by secure on Jan 04

DSA-2018-226: RSA® Authentication Manager Relative Path Traversal Vulnerability

Dell EMC Identifier:DSA-2018-226

CVE Identifier: CVE-2018-15782

Severity: 7.7 (AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

Severity Rating: High

Affected Products: RSA Authentication Manager versions prior to 8.4

Summary: RSA Authentication Manager contains a fix for a relative path traversal vulnerability that could potentially
be exploited by malicious users to...

BMC Network Automation v8.7 - remote session hijacking.

Full Disclosure - 4 January, 2019 - 13:52

Posted by Filip Palian on Jan 04

Hejkum kejkum,

Intro:
The BMC Network Automation allows authenticated users to hijack
established remote sessions of other users, version v8.7.00.000 b383
u038 was confirmed to be vulnerable.

Details:
Authenticated users of the BMC Network Automation web application with
assigned “viewer” role are able to hijack SSH/Telnet sessions
initiated by other, privileged users.
In order to hijack an established session, the only requirement is to...

BMC Remedy + ITAM - multiple security issues.

Full Disclosure - 4 January, 2019 - 13:52

Posted by Filip Palian on Jan 04

Hejkum kejkum,

Intro:
Multiple security related issues were identified in the BMC Remedy +
ITAM, versions 7.1.00 and 9.1.02.003 were confirmed to be vulnerable.

Issues:
1. Authenticated users can access ITAM forms using forceful browsing,
i.e. the forms are not accessible in the ITAM web user interface.
The list of available forms in the given ITAM deployment can be found
using the following URL:...

Open-Xchange Security Advisory 2018-12-31

Full Disclosure - 4 January, 2019 - 13:51

Posted by martin . heiland . lists on Jan 04

Dear subscribers,

we're sharing our latest advisory with you and would like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs (open-xchange, dovecot, powerdns) at HackerOne.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: 58880 (Bug ID)
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable...

CWE-80 XSS Bose Soundtouch App

Full Disclosure - 4 January, 2019 - 13:51

Posted by ProSec on Jan 04

Hi guys,

Happy new year! We would like to inform you about the following security issue.

CWE-80 XSS Bose Soundtouch App

Internal reference: -
Vulnerability type: Cross-Site Scripting (CWE-80)
Vulnerable version: 18.1.4 and maybe older versions, too (not tested)
Vulnerable component: IOS Frontend of the application
Report confidence: Unconfirmed
Solution status: Could be fixed by vendor?
Fixed version: -
Vendor notification: 2018-06-21...

CVE-2018-19509-19513: multiple vulnerabilities (incl. critical pre-auth RCE) in Webgalamb

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Jones via Fulldisclosure on Jan 04

Summary
-------

Vendor: E.N.S. Zrt (www.ens.hu)
Product: Webgalamb (www.webgalamb.hu, www.facebook.com/webgalamb)

Webgalamb is a commercial email marketing software for managing subscription lists and sending out bulk emails. It is
not SaaS but a PHP based web application that is typically hosted next to the company website of Webgalamb customers.

Webgalamb is prone to be vulnerable to multiple security flaws that could be exploited by threat...

Multiple Cross-site Scripting Vulnerabilities in Family Connections 3.7.0

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Bishtawi on Jan 04

Hello,

We are glad to inform you about the vulnerabilities we reported in Family
Connections 3.7.0.

Here are the details:

Advisory by Netsparker
Name: Multiple Reflected Cross-site Scripting Vulnerabilities in Family
Connections
Affected Software: Family Connection
Affected Versions: 3.7.0
Homepage: http://familyconnections.org/
Vulnerability: Multiple Reflected XSS
Severity: High
Status: Not Fixed
CVSS Score (3.0):...

Multiple Cross-site Scripting Vulnerabilities in GeniXCMS 1.1.5

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Bishtawi on Jan 04

Hello,

We are glad to inform you about the vulnerabilities we reported in GeniXCMS
1.1.5.

Here are the details:

Advisory by Netsparker
Name: Cross-site Scripting Vulnerabilities in GeniXCMS
Affected Software: GeniXCMS
Affected Versions: 1.1.5
Homepage: https://github.com/semplon/GeniXCMS
Vulnerability: Cross-site Scripting
Severity: High
Status: Not Fixed
CVE-ID: 2018-14476
CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N (7.4)...

Reflected Cross-site Scripting Vulnerability in Microweber 1.0.8

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Bishtawi on Jan 04

Hello,

We are glad to inform you about the vulnerabilities we reported in
Microweber 1.0.8.

Here are the details:

Advisory by Netsparker
Name: Reflected Cross-site Scripting in Microweber
Affected Software: Microweber
Affected Versions: 1.0.8
Homepage: https://github.com/microweber/microweber
Vulnerability: Cross-site Scripting
Severity: High
Status: Not Fixed
CVE-ID: CVE-2018-19917
CVSS Score (3.0): 7.4
Netsparker Advisory Reference:...

Vulnerabilities in Zurmo 2.3.4

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Bishtawi on Jan 04

Hello,

We are glad to inform you about the vulnerabilities we reported in Zurmo
2.3.4.

Here are the details:

Advisory by Netsparker
Name: Code Evolution (PHP) in Zurmo 2.3.4
Affected Software: Zurmo
Affected Versions: 2.3.4
Homepage: http://zurmo.org/
Vulnerability: Code evolution (PHP)
Severity: Critical
Status: Not Fixed
CVSS Score (3.0): 8.8
Netsparker Advisory Reference: NS-18-034

For more information and the Technical Details:...

Multiple Cross-site Scripting Vulnerabilities in ImpressCMS 1.3.10

Full Disclosure - 4 January, 2019 - 13:51

Posted by Daniel Bishtawi on Jan 04

Hello,

We are glad to inform you about the vulnerabilities we reported in
ImpressCMS 1.3.10.

Here are the details:

Advisory by Netsparker
Name: Reflected and Stored XSS Vulnerabilities in ImpressCMS
Affected Software: ImpressCMS
Affected Versions: 1.3.10
Homepage: https://www.impresscms.org/
Vulnerability: Reflected and Stored XSS Vulnerabilities
Severity: High
Status: Fixed
CVE-ID: CVE-2018-13983
Netsparker Advisory Reference: NS-18-033

For...

/bin/statistics in TWiki 6.0.2 allows XSS via the webs parameter(CVE-2018-20212)

Full Disclosure - 4 January, 2019 - 13:50

Posted by zzt0907 on Jan 04

# bin/statistics in TWiki 6.0.2 allows XSS via the webs parameter(CVE-2018-20212)

## Vulnerability Type
Cross Site Scripting (XSS)

## Vendor of Product:
twiki

## Affected Product Version
twiki - 6.0.2

## Affected Component
twiki/bin/statistics

## Attack Type
Remote

## Attack Vectors
/twiki/bin/statistics?webs=<script>alert(1)</script>

## Credit
This vulnerability was discovered by Jiawang Zhang Coordination Center of China...