Posted by Vulnerability Lab on Mar 30
Document Title:
===============
PayPal Bug Bounty #121 – (Profile) Filter Bypass & Persistent Web
Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1627
ID: EIBBP-32725
Video: http://www.vulnerability-lab.com/get_content.php?id=1697
Release Date:
=============
2016-03-30
Vulnerability Laboratory ID (VL-ID):
====================================
1627
Common Vulnerability Scoring…
You wouldn’t go on a walk naked – why go exposed online?
The post The new Avira Phantom VPN: Stop exposing yourself online! appeared first on Avira Blog.
PayPal suffered from a filter bypass vulnerability that allowed for malicious input into email.
Kaspersky Lab Launches New App for iOS for Avoiding Mobile Advertising
This Metasploit module exploits a directory traversal vulnerability in ATutor on an Apache/PHP setup with display_errors set to On, which can be used to allow us to upload a malicious ZIP file. On the web application, a blacklist verification is performed before extraction, however it is not sufficient to prevent exploitation. You are required to login to the target to reach the vulnerability, however this can be done as a student account and remote registration is enabled by default. Just in case remote registration isn’t enabled, this module uses 2 vulnerabilities in order to bypass the authentication.
HP Security Bulletin HPSBGN03444 2 – Potential vulnerabilities have been identified in HPE Network Automation. The vulnerabilities could allow remote code execution and disclosure of sensitive information. Revision 2 of this advisory.