[FD] List of Bug Bounty Programs INTERNATIONAL 427+ OFFICIAL - Bug Bounty Sheet

Title: List of Bug Bounty Programs INTERNATIONAL 427+ OFFICIAL - Bug Bounty Sheet Program Counts: Public (427+) & Silent (06) URL: http://www.vulnerability-lab.com/list-of-bug-bounty-programs.php Information: The "list of bug bounty" impact over 426+ international security programs world wide. Co

[FD] CVE-2015-8300: Polycom BToE Connector v2.3.0 Privilege Escalation Vulnerability

Title: Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges. Type of vulnerability: Privilege Escalation # Exploitation vector: local # Attack outcome: Code execution with SYSTEM privileges. Impact: CVS

[FD] : CVE-2015-8299 RCE Vulnerability in the KNX management software ETS

Title: Remote code execution vulnerability in the KNX management software ETS Category/Abstract: Buffer overflow vulnerability Product: ETS (Engineering Tool Software) Affected versions: * ETS 4.1.5 (Build 3246) *no other versions tested* Fixed in version: *unknown*

[FD] : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin

### RXTEC_20150513 Title: SQL injection vulnerability in the RXTEC RXAdmin Login Page allows remote attackers to execute arbitrary SQL commands via several HTTP parameter. Type of vulnerability: SQL injection # Attack outcome: It is possible to extract all information from the dat

[FD] Cross Site Scripting (XSS) 0day in SimpleViewer all versions

Cross Site Scripting (XSS) & Content spoofing in SimpleViewer all versions via remote xml payload [2015] #

Re: [FD] LiteCart 1.3.2: Multiple XSS

Hi, These vulnerabilities are similar, as both of them are issues with the query parameter of the search. However, the issue in version 1.1.2.1 exploits this line: This issue was fixed in version 1.2 by passing the query parameter to htmlspecialchars before passing it to sprint

[FD] Leak information on Huawei HG253s v2, Comtrend VG 8050 and ADB P.DGA4001N (HomeStation)

Huawei HG253s v2 Vodafone-Spain is starting to rent a new Huawei HG253v2 router to the spanish costumers. This new router is coming with a new firmware version. This bug has been found by @VicenDominguez Vulnerability Basically, it is not validating the session cookie in some administration webpa

[FD] [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE

Application:SAP NetWeaver Versions Affected: SAP NetWeaver 7.4, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 16.04.2015 Reported: 16.04.2015 Vendor response: 16.04.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Securit

[FD] [ERPSCAN-15-019] SAP Afaria - Stored XSS

Application:SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Au

[FD] [ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import

Application:SAP Mobile Platform 2.3 Versions Affected: SAP Mobile Platform 2.3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 25.02.2015 Reported: 25.02.2015 Vendor response: 25.02.2015 Date of Public Advisory: 11.08.2015 Refere

[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS)

Celoxis <= 9.5 - Cross Site Scripting (XSS) Information Name: Celoxis <= 9.5 - Cross Site Scripting (XSS) Affected Software : Celoxis Affected Ver