WordPress Ultimate Product Catalog plugin versions 3.8.1 and below suffer from a privilege escalation vulnerability.
Monthly Archives: June 2016
T-Mobile Czech Republic ‘suffers data leak’
T-Mobile Czech Republic has experienced a data leak, affecting 1.5 million of its customers, it has been claimed by local media.
The post T-Mobile Czech Republic ‘suffers data leak’ appeared first on We Live Security.
Skype For Business 2013 User Enumeration
Skype for Business 2013 suffers from a user enumeration timing attack vulnerability.
Desperate browser game housewives
Adult women are now the largest single demographic group in gaming according to a study released by the Entertainment Software Association.
The post Desperate browser game housewives appeared first on Avira Blog.
phpATM 1.32 Cross Site Request Forgery / Path Disclosure
phpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities.
WordPress Gravity Forms 1.8.19 Shell Upload
WordPress Gravity Forms plugin version 1.8.19 suffers from a remote shell upload vulnerability.
phpATM 1.32 Remote Command Execution / Shell Upload
phpATM version 1.32 suffers from a remote shell upload vulnerability.
Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion
With MS16-063, Microsoft has patched CVE-2016-0199 which relates to a memory corruption bug in the garbage collector of the JavaScript engine used in Internet Explorer 11.
Tiki Wiki CMS Calendar Remote Code Execution
Tiki Wiki CMS Calendar versions 14.2, 12.5 LTS, 9.11 LTS, and 6.15 suffer from a remote code execution vulnerability.
ScarCruft APT Group Used Latest Flash Zero Day in Two Dozen Attacks
The ScarCruft APT gang has made use of a Flash zero day patched Thursday by Adobe to attack more than two dozen high-profile targets in Russia and Asia primarily.