PHPback versions prior to 1.3.1 suffer from cross-site scripting and remote SQL injection vulnerabilities.
Monthly Archives: January 2017
Linux/x86_64 execve /bin/sh Shellcode
Small 22-byte Linux/x86_64 execve /bin/sh shellcode.
DigitalSec 2017 Call For Papers
The DigitalSec 2017 Call For Papers has been announced. It will take place in Kuala Lumpur, Malaysia, on July 11th through the 13th, 2017.
Web Based TimeSheet Script SQL Injection
Web Based TimeSheet Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
DSA-3773 openssl – security update
Several vulnerabilities were discovered in OpenSSL:
Bugtraq: Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability
Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability
Bugtraq: Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability
Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability
Bugtraq: [SECURITY] [DSA 3771-1] firefox-esr security update
[SECURITY] [DSA 3771-1] firefox-esr security update
Bugtraq: PEAR HTTP_Upload v1.0.0b3 Arbitrary File Upload
PEAR HTTP_Upload v1.0.0b3 Arbitrary File Upload
RHSA-2017:0205-1: Low: Red Hat CloudForms 3.x – 30 day End Of Life Notice
This is the 30 day notification for the End of Production Phase 2 of Red Hat CloudForms 3.x.