phplist 3.2.6: SQL Injection

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected phplist 3.2.6
Product:
Fixed in: 3.3.1
Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/
Link: phplist-3.3.1.zip/download
Vendor Website: https://www.phplist.org/
Vulnerability SQL Injection
Type:
Remote Yes
Exploitable:
Reported to 01/10/2017
vendor:
Disclosed to 02/20/2017
public:
Release mode: Coordinated…

phplist 3.2.6: XSS

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected phplist 3.2.6
Product:
Fixed in: 3.3.1
Fixed Version https://sourceforge.net/projects/phplist/files/phplist/3.3.1/
Link: phplist-3.3.1.zip/download
Vendor Website: https://www.phplist.org/
Vulnerability XSS
Type:
Remote Yes
Exploitable:
Reported to 01/10/2017
vendor:
Disclosed to 02/20/2017
public:
Release mode: Coordinated Release…

HumHub 1.0.1: XSS

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: HumHub 1.0.1 and earlier
Fixed in: 1.1.1
Fixed Version https://www.humhub.org/en/download/default/form?version=1.1.1
Link: &type=zip
Vendor Website: https://www.humhub.org/
Vulnerability XSS
Type:
Remote Yes
Exploitable:
Reported to 01/10/2016
vendor:
Disclosed to 03/17/2017
public:
Release mode: Coordinated…

HumHub 0.20.1 / 1.0.0-beta.3: Code Execution

Posted by Curesec Research Team (CRT) on Mar 17

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: HumHub 0.20.1 / 1.0.0-beta.3
Fixed in: 1.0.0
Fixed Version https://www.humhub.org/en/download/default/form?version=1.0.0
Link: &type=zip
Vendor Website: https://www.humhub.org/
Vulnerability Code Execution
Type:
Remote Yes
Exploitable:
Reported to 01/10/2016
vendor:
Disclosed to 03/17/2017
public:
Release mode:…

Statement from Kaspersky Lab on General Flynn Speaker Fee

“Kaspersky Lab’s subsidiary, Kaspersky Government Security Solutions (now KGSS Inc.), paid Gen. Flynn a speaker fee for remarks at the 2015 Government Cybersecurity Forum in Washington, DC, which brought together leading government, military, technology and policy experts to discuss the challenges and solutions for cybersecurity threats facing the government and related industries.

Sony Is Working On Mobile-to-Mobile Wireless Charging Technology

So you are in a party with your friends, and your phone is running low on battery. Oops!

The ideal solution is to charge your phone using a charger or a power bank, but not everyone carries power banks or chargers with them all the time, especially in a party.

What if you can charge your phone wirelessly using another phone when it runs out of battery?

Isn’t that great? Well, thanks to Sony,

Panda Security Detects 100% of malware, According to AV- Comparatives

Panda Security has obtained a 100% detection rate on February’s Real-World Protection Test from the independent labs of AV- Comparatives. The Real-World Test is recognized in the industry for providing an accurate reflection of the protection offered by cybersecurity solutions readily available on the market

Panda Security obtained the highest possible score, topping the list of twenty other providers that also underwent testing.

The analysis, which is available here, takes into account the same infection vectors that a user might experience on any normal day (browsing websites containing malicious content or exploits, running a virus received by email, etc.). In this case, Panda Free Antivirus was able to detect 100% of the malware to which it had been exposed. The fundamental objective of the Real-World Test is to determine if security solutions are able to protect the system as it is exposed to an array of malware samples.

Panda Security, 100% Detection and Zero False Positives in AV- Comparatives’ Most Rigorous Test

“We are especially pleased with the excellent results obtained in the AV-Comparatives Real-World Test because they validate our efforts to offer our users the best protection against all types of threats in real conditions. We are fully committed to the constant improvement of our solutions in order to provide maximum security levels with minimum performance impact, being more aggressive towards threats the bigger the risk of infection” said Alberto Añón, Consumer Product Manager in Panda Security

This result speaks to the success of the set of technologies present in the company’s cybersecurity solutions, ideal for all types of users, private or professional, and for everyone from freelancers to large corporations.

Panda Security has developed its products in response to the rapid evolution of malware in recent years. In this regard, it offers the most effective response to threats like ransomware and proves to be the best ally in the prevention, protection and response to the latest attacks.

Latest updates

The company recently launched their Panda Protection, the multi-device antivirus protection that adapts to the user’s needs through a monthly service subscription.

The post Panda Security Detects 100% of malware, According to AV- Comparatives appeared first on Panda Security Mediacenter.