Posted by Vulnerability Lab on Nov 07
Document Title:
===============
Schoolhos CMS v2.29 – (kelas) Data Siswa SQL Injection Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1931
Release Date:
=============
2016-11-07
Vulnerability Laboratory ID (VL-ID):
====================================
1931
Common Vulnerability Scoring System:
====================================
6.7
Product & Service Introduction:…
– fixed permissions of initramfs file, if microcode is prepended
(CVE-2016-8637)
– fixed permissions of initramfs file, if microcode is prepended
(CVE-2016-8637)
– fixed permissions of initramfs file, if microcode is prepended
(CVE-2016-8637)
Posted by Vulnerability Lab on Nov 07
Document Title:
===============
Edusson (Robotdon) BB – Client Side Cross Site Scripting Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1871
Release Date:
=============
2016-11-04
Vulnerability Laboratory ID (VL-ID):
====================================
1871
Common Vulnerability Scoring System:
====================================
3.4
Product & Service Introduction:…
Posted by Vulnerability Lab on Nov 07
Document Title:
===============
Edusson (Robotdon) BB – Filter Bypass & Persistent Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1870
Release Date:
=============
2016-11-03
Vulnerability Laboratory ID (VL-ID):
====================================
1870
Common Vulnerability Scoring System:
====================================
4.3
Product & Service Introduction:…
Simple PHP Blog version 0.4.0 suffers from a cross site scripting vulnerability.
Indian embassy websites in seven different countries have been hacked, and attackers have leaked personal data, including full name, residential address, email address, passport number and phone number, of Indian citizens living abroad.
This incident is extremely worrying because it involves diplomatic personnel working in the embassies that have always been a favorite target of
SweetRice version 1.5.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
Posted by Andrew Klaus on Nov 06
### Device Details
Vendor: Actiontec (Telus Branded)
Model: WCB3000N
Affected Firmware: v0.16.2.5
Device Manual: *http://static.telus.com/common/cms/files/internet/wifi_plus_extender.pdf
<http://static.telus.com/common/cms/files/internet/wifi_plus_extender.pdf>*
Reported: November 2015
Status: Fixed on newest pushed firmware version
CVE: Update is handled by the vendor, therefore no CVE needed.
The Telus Actiontec WCB3000N is a…