This looks like a reflected XSS, not a code execution vulnerability as the
term is commonly understood.
On Tue, Apr 21, 2015 at 11:34 AM, Vulnerability Lab <
resea...@vulnerability-lab.com> wrote:
> Document Title:
> ===
> Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability
>
>
*Overview*
Google Analytics by Yoast is one of the most popular WordPress plug-ins
with over 7 million downloads and "1+ million" active installs. Last month
Yoast patched a stored XSS we reported in the plug-in. Shortly after this
we identified another bug of a similar severity. The second stored
I'm releasing a few vulnerabilities for the WNR2000v4 Netgear router.
Netgear is currently working these issues.
Quick Fix
-
If you own a WNR2000v4, set a strong password and set security questions
to gibberish.
Timeline
FEB2015 - "MW" Volunteers to be victim to router pwnin
A security issue in Linux ASLR implementation which affects some AMD processors
has been found. The issue affects all Linux processes even if they are not
using shared libraries (statically compiled).
The problem appears because some mmapped objects (VDSO, libraries, etc.) are
poorly randomiz
A bug in Linux ASLR implementation has been found. The issue is that the mmap
base address for processes is not properly randomized on some architectures due
to an improper bit-mask manipulation. Affected systems have reduced the mmap
area entropy of the processes by half.
The number of possib
Document Title:
===
SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1314
Release Date:
=
2015-03-23
Vulnerability Laboratory ID (VL-ID):
==
Document Title:
===
PayPal Inc Bug Bounty #113 - Client Side Cross Site Scripting Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1453
Video: http://www.vulnerability-lab.com/get_content.php?id=1454
View: https://www.youtub
Document Title:
===
Ebay Inc Xcom #7 - (Policy) Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1228
Release Date:
=
2015-03-25
Vulnerability Laboratory ID (VL-ID):
=
Document Title:
===
Ebay Inc Xcom #6 - Persistent POST Inject Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1227
Release Date:
=
2015-03-24
Vulnerability Laboratory ID (VL-ID):
==
Document Title:
===
Ebay Inc Xcom #4 - (Item Preview) Persistent Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1215
Release Date:
=
2015-03-23
Vulnerability Laboratory ID (VL-ID):
=
Document Title:
===
Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1447
Release Date:
=
2015-03-13
Vulnerability Laboratory ID (VL-ID):
=
Document Title:
===
Photo Manager Pro v4.4.0 iOS - File Include Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1445
Release Date:
=
2015-03-12
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Mobile Drive HD v1.8 - File Include Web Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1446
Release Date:
=
2015-03-11
Vulnerability Laboratory ID (VL-ID):
Document Title:
===
Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1444
Release Date:
=
2015-03-10
Vulnerability Laboratory ID (VL-ID):
===
14 matches