Category Archives: Full Disclosure

Cross-Site Request Forgery Vulnerability in Users to CSV WordPress Plugin v1.4.5

Posted by Nitin Venkatesh on Jun 15

# Title: Cross-Site Request Forgery Vulnerability in Users to CSV WordPress
Plugin v1.4.5
# Submitter: Nitin Venkatesh
# Product: Users to CSV WordPress Plugin
# Product URL: https://wordpress.org/plugins/users-to-csv/ (disabled)
# Plugin SVN URL: https://plugins.svn.wordpress.org/users-to-csv/ (active)
# Vulnerability Type: Cross-site Request Forgery [CWE-352]
# Affected Versions: v1.4.5 and possibly below.
# Tested versions: v1.4.5
# Fixed…

[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager

Posted by RedTeam Pentesting GmbH on Jun 15

Advisory: SQL Injection in TYPO3 Extension Akronymmanager

An SQL injection vulnerability in the TYPO3 extension “Akronymmanager”
allows authenticated attackers to inject SQL statements and thereby read
data from the TYPO3 database.

Details
=======

Product: sb_akronymmanager
Affected Versions: <=0.5.0
Fixed Versions: 7.0.0
Vulnerability Type: SQL Injection
Security Risk: medium
Vendor URL:…

E-Detective Lawful Interception System – multiple security vulnerabilities

Posted by Mustafa Al-Bassam on Jun 14

Advisory: E-Detective Lawful Interception System
multiple security vulnerabilities
Date: 14/06/2015
CVE: unassigned
Authors: Mustafa Al-Bassam (https://musalbas.com)
slipstream/RoL (https://twitter.com/TheWack0lian)
Software: Decision Group E-Detective Lawful Interception System
Vendor URL: http://www.edecision4u.com/

Software description:

“E-Detective is a…

OpenBSD "sys_execve()" Executable Header Parsing Denial of Service Vulnerability

Posted by Bruno Luiz on Jun 14

Impact

A non-privileged user could cause a local Denial-of-Service (DoS) condition by triggering a kernel panic through a
malformed ELF executable.

The kernel panic is reached at the UVM (virtual memory) subsystem. There are different if-else validations inside
uvm_map(), and uvm_map_vmspace_update() is called in the last else block as follows:

sys/uvm/uvm_map.c:
if (flags & UVM_FLAG_FIXED) {

} else if (*addr != 0 && (*addr…

Yoast WordPress SEO Plugin <= 2.1.1 Stored, Authenticated XSS

Posted by sec () inventropy us on Jun 13

============================================================
Info
============================================================
Affects: Yoast WordPress SEO Plugin <= 2.1.1
Download URL: https://wordpress.org/plugins/wordpress-seo/
Advisory URL: https://inventropy.us/blog/yoast-seo-plugin-cross-site-scripting-vulnerability/
Acknowledgement: https://wordpress.org/plugins/wordpress-seo/changelog/

The token order of OpVectorTimesScalar and OpMatrixTimesScalar which generated in glslangValidator isn't consistent with SPEC

Posted by Aras Pranckevicius on Jun 12

Hi,

According to SPIR-V spec,
OpVectorTimesScalar’s first source operand is vector and secondary is scalar,
and OpMatrixTimesScalar’s first source operand is matrix and secondary is
scalar.

But it seems the token order generated by glslangValidator isn’t consistent
with spec.

It is better if you can update glslangValidator to match spec’s behavior.

Following is a simple sample, in case you need it.
Example:
GLSL source:…

XSS vulnerability Adobe Connect 9.3 (CVE-2015-0343)

Posted by Stas Volfus on Jun 11

Advisory: Adobe Connect Reflected XSS
Author: Stas Volfus (Bugsec Information Security LTD)
Vendor URL: http://www.adobe.com/
Status: Vendor Notified

==========================
Vulnerability Description
==========================

Adobe Connect (Central) version: 9.3 is vulnerable to Reflected XSS
(Cross Site Scripting).

The attack allows execution of arbitrary JavaScript in the context…

D-Link DSP-W110 – multiple vulnerabilities

Posted by Peter Adkins on Jun 11

----
Discovered by:
----
Peter Adkins <peter.adkins () kernelpicnic net>

----
Access:
----
Local network; unauthenticated access.

----
Tracking and identifiers:
----
CVE – None allocated.

----
Platforms / Firmware confirmed affected:
----
D-Link DSP-W110 (Rev A) – v1.05b01

----
Notes:
----
* There appears to be a number of references to both ‘miiiCasa’ as well as
‘fitivision’ throughout the firmware, which may…

Path Traversal vulnerability in WordPress plugin se-html5-album-audio-player v1.1.0

Posted by Larry W. Cashdollar on Jun 11

Title: Path Traversal vulnerability in WordPress plugin se-html5-album-audio-player v1.1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-06
Advisory: http://www.vapid.dhs.org/advisory.php?v=124
Download Site: https://wordpress.org/plugins/se-html5-album-audio-player/
Vendor: https://profiles.wordpress.org/sedevelops/
Vendor Notified: 2015-06-06
Vendor Contact: https://profiles.wordpress.org/sedevelops/
Description:
An HTML5 Album Audio…

FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open Redirect Cyber Vulnerabilities

Posted by Jing Wang on Jun 11

*FC2 & Rakuten Online Websites Multiple XSS (Cross-site Scripting) and Open
Redirect Cyber Vulnerabilities *

FC2 and Rakuten are the first and second top ranking Japanese local online
websites. This post introduces several XSS (Cross-site Scripting) and Open
Redirect bugs of them.

The Alexa rank of fc2.com is 52 on February 18 2015 and the related rank in
Japan is 4. The Alexa rank of rakuten.co.jp is 64 on May 29 2015 and the
related rank…