Security News

Bugtraq: Telisca IPS Lock 2 Vulnerability

Security Focus Vulnerabilities - 25 April, 2016 - 08:05
Telisca IPS Lock 2 Vulnerability

Bugtraq: [SECURITY] [DSA 3556-1] libgd2 security update

Security Focus Vulnerabilities - 25 April, 2016 - 08:05
[SECURITY] [DSA 3556-1] libgd2 security update

Telisca IPS Lock 2 Vulnerability

Bug Traq - 25 April, 2016 - 07:59

Posted by karim reda Fakhir on Apr 25

A vulnerability in IPS LOCK, below is the description:

# Exploit Title: TELISCA IPS LOCK ABUSE
# Date: 13/01/2016
# Software Link: http://www.telisca.com/products/ip-phone-apps/ipslock/
# Exploit Author: Fakhir Karim Reda
# Contact: karim.fakhir () gmail com
# Metasploit module :
https://www.rapid7.com/db/modules/auxiliary/voip/telisca_ips_lock_control
# Publicly disclosed via Metasploit PR 'URL',
'...

Bugtraq: [SECURITY] [DSA 3555-1] imlib2 security update

Security Focus Vulnerabilities - 25 April, 2016 - 07:45
[SECURITY] [DSA 3555-1] imlib2 security update

Bugtraq: Unlimited Pop-Ups WordPress Plugin XSS Vulnerability

Security Focus Vulnerabilities - 25 April, 2016 - 07:45
Unlimited Pop-Ups WordPress Plugin XSS Vulnerability

Bugtraq: CM-AD-Changer XSS Vulnerability

Security Focus Vulnerabilities - 25 April, 2016 - 07:45
CM-AD-Changer XSS Vulnerability

Negin Group CMS - (v) Multiple Web Vulnerabilities

Full Disclosure - 25 April, 2016 - 05:17

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
Negin Group CMS - (v) Multiple Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1831

Release Date:
=============
2016-04-25

Vulnerability Laboratory ID (VL-ID):
====================================
1831

Common Vulnerability Scoring System:
====================================
7.1

Product & Service Introduction:
===============================...

Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability

Full Disclosure - 25 April, 2016 - 05:15

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1820

Release Date:
=============
2016-04-19

Vulnerability Laboratory ID (VL-ID):
====================================
1820

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:...

Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities

Full Disclosure - 25 April, 2016 - 05:09

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1721

Cyberoam Ticket ID: #1001314
Case ID: CCC-4208

Release Date:
=============
2016-04-18

Vulnerability Laboratory ID (VL-ID):
====================================
1721

Common Vulnerability Scoring System:
====================================
3.4...

UBNT Bug Bounty #2 - XML External Entity Vulnerability

Full Disclosure - 25 April, 2016 - 05:07

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
UBNT Bug Bounty #2 - XML External Entity Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1466

Release Date:
=============
2016-04-14

Vulnerability Laboratory ID (VL-ID):
====================================
1466

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...

Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability

Full Disclosure - 25 April, 2016 - 05:05

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1769

Release Date:
=============
2016-04-08

Vulnerability Laboratory ID (VL-ID):
====================================
1769

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...

C & C++ for OS - Filter Bypass & Persistent Vulnerability

Full Disclosure - 25 April, 2016 - 05:03

Posted by Vulnerability Lab on Apr 25

Document Title:
===============
C & C++ for OS - Filter Bypass & Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1825

Release Date:
=============
2016-04-14

Vulnerability Laboratory ID (VL-ID):
====================================
1825

Common Vulnerability Scoring System:
====================================
3.5

Product & Service Introduction:...

Bugtraq: Easy Social Share Buttons for WordPress XSS Vulnerability

Security Focus Vulnerabilities - 24 April, 2016 - 11:00
Easy Social Share Buttons for WordPress XSS Vulnerability

[SECURITY] [DSA 3556-1] libgd2 security update

Bug Traq - 24 April, 2016 - 10:08

Posted by Salvatore Bonaccorso on Apr 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3556-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 24, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libgd2
CVE ID : CVE-2016-3074
Debian Bug :...

[SECURITY] [DSA 3555-1] imlib2 security update

Bug Traq - 24 April, 2016 - 10:01

Posted by Alessandro Ghedini on Apr 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-3555-1 security () debian org
https://www.debian.org/security/ Alessandro Ghedini
April 23, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : imlib2
CVE ID : CVE-2011-5326 CVE-2014-9771...

Unlimited Pop-Ups WordPress Plugin XSS Vulnerability

Bug Traq - 24 April, 2016 - 09:53

Posted by Rahul Pratap Singh on Apr 24

## FULL DISCLOSURE

#Product : Unlimited Pop-Ups WordPress Plugin
#Exploit Author : Rahul Pratap Singh
#Version : 1.4.3
#Home page Link :
http://codecanyon.net/item/unlimited-popups-wordpress-plugin/8575498
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

----------------------------------------
Description:
----------------------------------------
"callback,...

CM-AD-Changer XSS Vulnerability

Bug Traq - 24 April, 2016 - 09:43

Posted by Rahul Pratap Singh on Apr 24

## FULL DISCLOSURE

#Product : cm-ad-changer
#Exploit Author : Rahul Pratap Singh
#Version :1.7.2
#Home page Link : https://wordpress.org/plugins/cm-ad-changer/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

----------------------------------------
Description:
----------------------------------------
Following parameters are not sanitized that leads to XSS...

Easy Social Share Buttons for WordPress XSS Vulnerability

Bug Traq - 24 April, 2016 - 09:33

Posted by Rahul Pratap Singh on Apr 24

## FULL DISCLOSURE

#Product :Easy Social Share Buttons for WordPress
#Exploit Author : Rahul Pratap Singh
#Version :3.2.5
#Home page Link :
http://codecanyon.net/item/easy-social-share-buttons-for-wordpress/6394476
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

----------------------------------------
Description:
----------------------------------------...

Google SEO Pressor Snippet Plugin XSS Vulnerability

Bug Traq - 24 April, 2016 - 09:24

Posted by Rahul Pratap Singh on Apr 24

## FULL DISCLOSURE

#Product : Google SEO Pressor Snippet Plugin
#Exploit Author : Rahul Pratap Singh
#Version :1.2.6
#Home page Link : https://wordpress.org/plugins/google-seo-author-snippets/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

----------------------------------------
Description:
----------------------------------------
Following parameters are...

Echosign Plugin for WordPress XSS Vulnerability

Bug Traq - 24 April, 2016 - 09:14

Posted by Rahul Pratap Singh on Apr 24

## FULL DISCLOSURE

#Product : Echosign Plugin
#Exploit Author : Rahul Pratap Singh
#Version :1.1
#Home page Link : https://wordpress.org/plugins/echosign/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/rahulpratapsingh94
#Date : 21/4/2016

XSS Vulnerability:

----------------------------------------
Description:
----------------------------------------
"Page" and "id" parameters are not sanitized...