Posted by dxw Security on Jul 28
Details
================
Software: Flickr Justified Gallery
Version: 3.3.6
Homepage: https://wordpress.org/plugins/flickr-justified-gallery/
Advisory report:
https://security.dxw.com/advisories/reflected-xss-in-flickr-justified-gallery-could-allows-unauthenticated-attackers-to-do-almost-anything-an-admin-can-do/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)
Description
================
Reflected XSS in Flickr Justified…
phpFileManager version 0.9.8 suffers from a remote command execution vulnerability.
Basware Banking/Maksuliikenne software suffers from hard-coded credentials, client-side auth checks, and other issues.
Security experts and non-security experts take very different attitudes to staying safe online, according to new research.
The post New report explains gulf between security experts and non-experts appeared first on We Live Security.

WordPress Flickr Justified Gallery plugin version 3.3.6 suffers from a cross-site scripting vulnerability.
McAfee Application Control version 6.1.3.353 suffers from multiple vulnerabilities including insufficient whitelist protection and bypass issues.
Apple iTunes & AppStore – Filter Bypass & Persistent Invoice Vulnerability
Another Snorby 2.6.2 – Stored Cross-site Scripting Vulnerability
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne
Software and Security Information