[FD] Port Scan v2.0 iOS - Command Inject Vulnerability

2015-11-17 Thread Vulnerability Lab
Document Title: === Port Scan v2.0 iOS - Command Inject Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1619 Release Date: = 2015-11-02 Vulnerability Laboratory ID (VL-ID):

[FD] LAN Scan HD v1.20 iOS - Command Inject Vulnerability

2015-11-17 Thread Vulnerability Lab
Document Title: === LAN Scan HD v1.20 iOS - Command Inject Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1618 Release Date: = 2015-11-05 Vulnerability Laboratory ID (VL-ID): =

[FD] Magento Bug Bounty #22 - (Profile) Persistent Vulnerability

2015-11-17 Thread Vulnerability Lab
Document Title: === Magento Bug Bounty #22 - (Profile) Persistent Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1636 Magento Security ID: APPSEC-1121 Release Date: = 2015-11-06 Vulnerability Laboratory ID (

[FD] Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities

2015-11-17 Thread Vulnerability Lab
Document Title: === Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1643 APPSEC-1122 Video: http://www.vulnerability-lab.com/get_content.php?id=1642 Release Date:

[FD] LineNity WP Premium Theme - File Include Vulnerability

2015-11-17 Thread Vulnerability Lab
Document Title: === LineNity WP Premium Theme - File Include Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1645 Release Date: = 2015-11-15 Vulnerability Laboratory ID (VL-ID): ===

[FD] Murgent CMS - SQL Injection Vulnerability

2015-11-17 Thread Vulnerability Lab
Document Title: === Murgent CMS - SQL Injection Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1646 Release Date: = 2015-11-16 Vulnerability Laboratory ID (VL-ID): 1646

[FD] Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)

2015-11-17 Thread Vulnerability Lab
Document Title: === Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) References (Source): http://www.vulnerability-lab.com/get_content.php?id=1620 Release Date: = 2015-10-19 Vulnerability Laboratory ID (VL-ID): ===

[FD] Google AOSP Email App HTML Injection

2015-11-17 Thread Cláudio André
https://labs.integrity.pt/articles/google-aosp-email-app-html-injection-2/ 1. Vulnerability Properties *Title: *Google AOSP Email App HTML Injection *CVE ID: PendingCVSSv3 Base Score: *6.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) *Vendor: *Google *Products:* AOSP Email App *Advisory Release Date:*

[FD] CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability

2015-11-17 Thread Matthew Flanagan
Title: Cisco FireSIGHT Management Center Certificate Validation Vulnerability Blog URL: http://wadofstuff.blogspot.com.au/2015/11/cve-2015-6357-firepwner-exploit-for.html Vendor: Cisco Product: FireSIGHT Management Center Affected Versions: 5.2.x, 5.3.x, 5.4.x Advisory URL: http://tools.cisco.com/

[FD] zTree v3 Security Advisory - XSS Vulnerability - CVE-2015-7348

2015-11-17 Thread Onur Yilmaz
Information Advisory by Netsparker. Name: Multiple XSS Vulnerabilities in zTree v3 Affected Software : zTree Affected Versions: v3.5.19.1 and possibly below Vendor Homepage : https://github.com/zTree/zTree_v3 Vulnerability Type : Cross-site Scripting Severity : Important Status