[FD] Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability

Document Title: === Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1740 Release Date: = 2016-02-22 Vulnerability Laboratory ID (VL-ID): ==

Re: [FD] Cisco ASA VPN - Zero Day Exploit

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Is there a CVE ID for this? Also what firmware does this effect? I tested this and the input gets HTML encoded so is nulled. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJWyuREAAoJEFrCzlP2l9LQ5NAQAI5inAIprg6bkdqN6lvboHUA Unhp+Kdpg

[FD] Vulnerability in WebSVN 2.3.3

Title: WebSVN - Reflected Cross-Site Scripting Author: Jakub Palaczynski Date: 22. February 2016 CVE: CVE-2016-2511 Affected software: == WebSVN 2.3.3 Older versions are probably also vulnerable. Description: WebSVN offers a view onto your subversion repositories th

Re: [FD] Cisco ASA VPN - Zero Day Exploit

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 This is message serves as Cisco PSIRT's response to Juan Sacco’s post on Febuary 17 regarding a zero-day exploit on the Cisco ASA. We would like to thank Juan for reporting these issues to Cisco a couple of weeks ago. We greatly appreciate the op

[FD] PLANET IP Surveillance camera Multiple Vulnerabilities

Overview === Technical Risk: high Likelihood of Exploitation: medium Tested version: ICA-5350V/ICA-* Credits: Discovered and researched by GT.Omaz from OrwellLabs Issues = I. Local File Inclusion II. Arbitrary file read/Authentication bypass III. Sensitive information disclosure IV. Cro

[FD] BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS

(, ) (, . '.' ) ('.', ). , ('. ( ) ( (_,) .'), ) _ _, / _/ / _ \ _ \ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ |\\ \__( <_> ) Y Y \ /__ /\___|__ / \___ >/|__|_| / \/ \/.-.\/ \/:wq

[FD] Avast Virtualization Driver - Elevation Of Privileges

* CVE: CVE-2015-8620 * Vendor: Avast * Reported by: Kyriakos Economou * Date of Release: 17/02/2016 * Affected Products: Multiple * Affected Version: <= v11.1.2245 * Fixed Version: v11.1.2253 Description: A heap overflow bug in the Avast Virtualization kernel mode driver (aswSnx.sys) allows a loc

Re: [FD] Cisco ASA VPN - Zero Day Exploit

For folks who want code that runs, I did you all a favor, fixed the ident issues, removed unused libraries, fixed SSL certificate validation checks causing failures, fixed typos that prevent running, killed dead code, made sure it actually used the Port input. All while stripping out the unnecessar

[FD] Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities

Document Title: === Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1728 Release Date: = 2016-02-22 Vulnerability Laboratory ID (VL-ID): =

[FD] InstantCoder v1.0 iOS - Multiple Web Vulnerabilities

Document Title: === InstantCoder v1.0 iOS - Multiple Web Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1738 Release Date: = 2016-02-22 Vulnerability Laboratory ID (VL-ID): =