date:20180115

[FD] [RT-SA-2017-013] Truncation of SAML Attributes in Shibboleth 2

2018-01-15 Thread RedTeam Pentesting GmbH

Advisory: Truncation of SAML Attributes in Shibboleth 2 RedTeam Pentesting discovered that the shibd service of Shibboleth 2 does not extract SAML attribute values in a robust manner. By inserting XML entities into a SAML response, attackers may truncate attribute values without breaking the docum

[FD] MagicSpam 2.0.13 - Insecure File Permission Vulnerability

2018-01-15 Thread Vulnerability Lab

Document Title: === MagicSpam 2.0.13 - Insecure File Permission Vulnerability References (Source): https://www.vulnerability-lab.com/get_content.php?id=2113 Release Date: = 2018-01-12 Vulnerability Laboratory ID (VL-ID): ===

[FD] Zenario v7.6 CMS - SQL Injection Web Vulnerability

2018-01-15 Thread Vulnerability Lab

Document Title: === Zenario v7.6 CMS - SQL Injection Web Vulnerability References (Source): https://www.vulnerability-lab.com/get_content.php?id=2043 Release Date: = 2018-01-16 Vulnerability Laboratory ID (VL-ID): ==

[FD] [RT-SA-2017-013] Truncation of SAML Attributes in Shibboleth 2

[FD] MagicSpam 2.0.13 - Insecure File Permission Vulnerability

[FD] Zenario v7.6 CMS - SQL Injection Web Vulnerability

3 matches

Site Navigation

Mail list logo

Footer information