Vulnerability title: Wordpress Geo Mashup plugin XSS
Author: Paolo Perego
CVE: CVE-2015-1383
Affected versions: <= 1.8.2
Fixed version: 1.8.3 (January, 11 2015)
Product link: https://wordpress.org/plugins/geo-mashup/
Description
Geo Mashup is a wordpress plugin designed to let you save location
i
Hi,
This is part 12 of the ManageOwnage series. For previous parts, see [1].
This time we have an arbitrary file download, directory content
disclosure and blind SQL injection vulnerabilities in ManageEngine
OpManager, Applications Manager and IT360.
I've pushed two new Metasploit modules into t
"Do you trust glibc? OK, perhaps that snide remark is overstating things
a bit, but secure software only happens when all the pieces have 100%
correct behavior."
KernelTrap.org, November 26, 2001
Theo De Raadt http://en.wikiquote.org/wiki/Talk:Theo_de_Raadt
On 27/01/2015 18:24, Qualys Secu
Asterisk Project Security Advisory - AST-2015-001
ProductAsterisk
SummaryFile descriptor leak when incompatible codecs are
offered
Asterisk Project Security Advisory - AST-2015-002
ProductAsterisk
SummaryMitigation for libcURL HTTP request injection
vulnerability
Hello list!
There are Information Leakage and Insufficient Authorization vulnerabilities
in HP LaserJet. Vulnerabilities are in control panel of HP network MFP and
printers. Earlier I informed HP about it.
You can read articles in BBC
(http://seclists.org/fulldisclosure/2014/Dec/98) and Glob
KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege
Escalation
Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2015-001
Publication Date: 2015.01.28
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-
This CVE claims CAS has a vulnerability that "allows remote attackers to
bypass LDAP authentication via crafted wildcards". My understanding of
an "authentication bypass" vulnerability is one that actually bypasses
authentication, accessing a resource without having to authenticate, as
enumerated a
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
(, ) (,
. '.' ) ('.',
). , ('. ( ) (
(_,) .'), ) _ _,
/ _/ / _ \ _
\ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ |\\ \__( <_> ) Y Y \
/__ /\___|__ / \___ >/|__|_| /
\/ \/.-.\/ \/:wq
15 matches
Mail list logo
