In 2007, David Harley and Andrew Lee suggested at Virus Bulletin that poorly-designed phish quizzes did more harm than good. Has the picture changed much?
The post Phish Phood for Thought appeared first on We Live Security.
Monthly Archives: May 2015
JSPAdmin 1.1 SQL Injection / CSRF / Cross Site Scripting
JSPAdmin version 1.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
22 SOHO Router Vulnerabilities Discovered
SOHO routers have been found vulnerable to privilege escalation, information disclosure, cross site request forgery, cross site scripting, authentication bypass, denial of service, and various other vulnerabilities.
HP Security Bulletin HPSBHF03340 1
HP Security Bulletin HPSBHF03340 1 – A potential security vulnerability has been identified with HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard. The vulnerability could result in local unauthorized access and elevation of privilege on an HP thin client device. Revision 1 of this advisory.
Bugtraq: DbNinja 3.2.6 Flash XSS Vulnerabilities
DbNinja 3.2.6 Flash XSS Vulnerabilities
Bugtraq: [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices
[SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices
Bugtraq: Audacity 2.0.5 contains Arbitrary DLL Injection Code Execution
Audacity 2.0.5 contains Arbitrary DLL Injection Code Execution
Bugtraq: [security bulletin] HPSBHF03340 rev.1 – HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege
[security bulletin] HPSBHF03340 rev.1 – HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege
Invision Power Board 3.4.7 SQL Injection
Invision Power Board versions 3.4.7 and below suffer from a remote SQL injection vulnerability.
Vevocart 6.1.0 Open Redirect
Vevocart version 6.1.0 suffers from an open redirection vulnerability.