Splunk version 6.1.1 suffers from a Referer header cross site scripting vulnerability.
Monthly Archives: January 2017
My Link Trader 1.1 SQL Injection
My Link Trader version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Advanced Desktop Locker 6.0.0 Bypass
Advanced Desktop Locker version 6.0.0 suffers from a bypass vulnerability.
DirectAdmin Control Panel 1.50.1 Denial Of Service
DirectAdmin Control Panel version 1.50.1 suffers from a denial of service vulnerability.
DSA-3754 tomcat7 – security update
It was discovered that incorrect error handling in the NIO HTTP connector of the Tomcat servlet and JSP engine could result in information disclosure.
DSA-3755 tomcat8 – security update
It was discovered that incorrect error handling in the NIO HTTP connector of the Tomcat servlet and JSP engine could result in information disclosure.
YSTS 11th Edition Call For Papers
The 11th edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil on May 22nd, 2017.
Bugtraq: QuickBooks 2017 Admin Credentials Disclosure
QuickBooks 2017 Admin Credentials Disclosure
Trango Altum AC600 Default Root Login
Trango Altum AC600 suffers from a default root login backdoor vulnerability.
dbus-sharp-0.7.0-16.el6 dbus-sharp-glib-0.5.0-14.el6 mono-4.2.4-9.el6
major upgrade from Mono 2.10 to 4.2