[FD] CarolinaCon-12 - March 2016 - Call for Speakers/Papers/Presenters/Demos

2015-10-17 Thread Vic Vandal
h4x0rs, stuff-breakers, InfoSec pros, g33k girls, international spies, and script kidz, CarolinaCon-12 will occur on March 4th-6th 2016 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions for the event. Yes I know - CC-11 was billed as "the last CarolinaCon as w

[FD] ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access

2015-10-17 Thread ERPScan inc
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access Application: SAP NetWeaver Versions Affected: SAP NetWeaver AS JAVA, probably others Vendor URL: http://SAP.com Bugs: Unauthorized access Sent: 20.04.2013 Reported: 21.04.2013 Vendor response: 21.04.20

[FD] Events Made Easy WordPress plugin CSRF + Persistent XSS

2015-10-17 Thread David Sopas
Plugin link: https://wordpress.org/plugins/events-made-easy/ Active Installs: 10,000+ Version tested: 1.5.49 CVE Reference: Waiting Original advisory: https://www.davidsopas.com/events-made-easy-wordpress-plugin-csrf-persistent-xss/ Events Made Easy is a full-featured event management solution for