Security

NETGEAR ADSL Router JNR1010 1.0.0.16 Authenticated Remote File Disclosure

November 8, 2016 007admin

NETGEAR ADSL router JNR1010 with firmware version 1.0.0.16 suffers from a file disclosure vulnerability.

Security

D-Link ADSL Router DSL-2730U IN_1.02 Remote File Disclosure

November 8, 2016 007admin

D-Link ADSL router DSL-2730U with firmware version IN_1.02 suffers from a file disclosure vulnerability.

Security

MOVISTAR ADSL Router BHS_RTA BHS_RTA_C0_019 Remote File Disclosure

November 8, 2016 007admin

MOVISTAR ADSL router BHS_RTA BHS_RTA_C0_019 suffers from a file disclosure vulnerability.

Security

WordPress Caldera Forms 1.3.5.3 Cross Site Scripting

November 8, 2016 007admin

WordPress Caldera Forms plugin version 1.3.5.3 suffers from a cross site scripting vulnerability.

Security

WordPress Quotes Collection 2.0.5 Cross Site Scripting

November 8, 2016 007admin

WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.

Security

WordPress YITH WooCommerce Compare 2.0.9 PHP Object Injection

November 8, 2016 007admin

WordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.

Security

Bart Ransomware (Win32/Filecoder.Bart) (Kidnapping) Resource Hacking

November 8, 2016 007admin

This report explains the ability to change the code of Bart. An attacker can edit the code and seamlessly put their own dark website with a different Bitcoin account.

US-CERT

Adobe Releases Security Updates

November 8, 2016 007admin

Original release date: November 08, 2016

Adobe has released security updates to address vulnerabilities in Flash Player and Connect. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-37 and APSB16-35 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Security

Adobe Patches Nine Code Execution Flaws in Flash Player

November 8, 2016 007admin

Adobe again released a security update for Flash Player, patching nine remote code execution vulnerabilities. Adobe Connect for Windows was also updated.

Full Disclosure

Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin

November 8, 2016 007admin

Posted by Summer of Pwnage on Nov 08

————————————————————————
Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin
————————————————————————
Alyssa Milburn <amilburn.at.zall.org>, July 2016

————————————————————————
Abstract
————————————————————————
A stored Cross-Site…

007 Software

Monthly Archives: November 2016

NETGEAR ADSL Router JNR1010 1.0.0.16 Authenticated Remote File Disclosure

D-Link ADSL Router DSL-2730U IN_1.02 Remote File Disclosure

MOVISTAR ADSL Router BHS_RTA BHS_RTA_C0_019 Remote File Disclosure

WordPress Caldera Forms 1.3.5.3 Cross Site Scripting

WordPress Quotes Collection 2.0.5 Cross Site Scripting

WordPress YITH WooCommerce Compare 2.0.9 PHP Object Injection

Bart Ransomware (Win32/Filecoder.Bart) (Kidnapping) Resource Hacking

Adobe Releases Security Updates

Adobe Patches Nine Code Execution Flaws in Flash Player

Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin

Software and Security Information