Syncrify Server version 3.6 build 833 suffers from cross site request forgery and cross site scripting vulnerabilities.
Monthly Archives: May 2015
SynaMan 3.4 Build 1436 CSRF / Cross Site Scripting
SynaMan version 3.4 build 1436 suffers from cross site request forgery and cross site scripting vulnerabilities.
SynTail 1.5 Build 566 CSRF / Cross Site Scripting
SynTail version 1.5 build 566 suffers from cross site request forgery and cross site scripting vulnerabilities.
Docker Privilege Escalation / Information Disclosure
Docker versions prior to 1.6.1 suffer from privilege escalation and information disclosure vulnerabilities.
Pirelli Router P.DG-A4001N WPA Key Reverse Engineering Rev 2
This is proof of concept code that demonstrates reverse-engineering of the default WPA key generation algorithm used in ADB broadband Pirelli routers in Argentina and Portugal. Model P.DG-A4001N is affected. This is the second version of the exploit and adds support for MEO routers in Portugal.
Re: pydio vulnerabilities
Posted by Julius Kivimäki on May 08
https://github.com/pydio/pydio-core/commits/develop
https://github.com/pydio/pydio-core/commit/2049254e7a215491019d2646a274a8fb1cf29e3b
2015-05-07 1:32 GMT+03:00 Just A Fake <robottomonitorbugtraq () gmail com>:
MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web Security Vulnerabilities
Posted by Jing Wang on May 08
*MT.VERNON MEDIA Web-Design v1.12 Multiple XSS (Cross-site Scripting) Web
Security Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple XSS Security
Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory Publication: May 07, 2015
Latest Update: May 07, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS…
MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security Vulnerabilities
Posted by Jing Wang on May 08
*MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection Web Security
Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 Multiple SQL Injection
Security Vulnerabilities
Product: Web-Design
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory Publication: May 08, 2015
Latest Update: May 08, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an
SQL Command (‘SQL…
MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security Vulnerabilities
Posted by Jing Wang on May 08
*MT.VERNON MEDIA Web-Design v1.12 HTML Injection Web Security
Vulnerabilities*
Exploit Title: MT.VERNON MEDIA Web-Design v1.12 “gallery.php?” &category
parameter HTML Injection Security Vulnerabilities
Product: Web-Design v1.12
Vendor: MT.VERNON MEDIA
Vulnerable Versions: v1.12
Tested Version: v1.12
Advisory Publication: May 08, 2015
Latest Update: May 08, 2015
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base…
Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security Vulnerabilities
Posted by Jing Wang on May 08
*Artnana Webboard version 1.4 XSS (Cross-site Scripting) Web Security
Vulnerabilities*
Exploit Title: Artnana Webboard version 1.4 Multiple XSS Security
Vulnerabilities
Product: Webboard
Vendor: Artnana
Vulnerable Versions: version 1.4
Tested Version: version 1.4
Advisory Publication: May 09, 2015
Latest Update: May 09, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score:…