Posted by Larry W. Cashdollar on Apr 05
Hello Folks,
You can get php execution by using the file extension .phtml for both of these advisories. I’m currently updating the
advisories and the vendor.
Try using an uncommon extension not defined in /etc/mime.types.
$ grep "#app" /etc/mime.types
#application/vnd.ms-pki.stl stl
#application/x-httpd-eruby rhtml
#application/x-httpd-php…
Posted by Jing Wang on Apr 05
*Proverbs Web Calendar 2.1.2 XSS (Cross-site Scripting) Security
Vulnerabilities*
Exploit Title: Proverbs Web Calendar /calendar.php Multiple Parameters XSS
(Cross-site Scripting) Security Vulnerabilities
Vendor: Proverbs
Product: Proverbs Web Calendar
Vulnerable Versions: 1.0.0 1.1 1.2.2 2.1 2.1.2
Tested Version: 1.2.2 2.1
Advisory Publication: April 03, 2015
Latest Update: April 03, 2015
Vulnerability Type: Cross-Site Scripting…
Posted by Jing Wang on Apr 05
*6kbbs v8.0 XSS (Cross-site Scripting) Security Vulnerabilities*
Exploit Title: 6kbbs XSS (Cross-site Scripting) Security Vulnerabilities
Vendor: 6kbbs
Product: 6kbbs
Vulnerable Versions: v7.1 v8.0
Tested Version: v7.1 v8.0
Advisory Publication: April 02, 2015
Latest Update: April 02, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM)…
Posted by Jing Wang on Apr 05
*6kbbs v8.0 Multiple CSRF (Cross-Site Request Forgery) Security
Vulnerabilities*
Exploit Title: 6kbbs Multiple CSRF (Cross-Site Request Forgery) Security
Vulnerabilities
Vendor: 6kbbs
Product: 6kbbs
Vulnerable Versions: v7.1 v8.0
Tested Version: v7.1 v8.0
Advisory Publication: April 02, 2015
Latest Update: April 02, 2015
Vulnerability Type: Cross-Site Request Forgery (CSRF) [CWE-352]
CVE Reference: *
CVSS Severity (version 2.0):
CVSS v2 Base…
Posted by ITAS Team on Apr 05
#Vulnerability title: WordPress plugin Simple Ads Manager – Arbitrary File
Upload
#Product: WordPress plugin Simple Ads Manager
#Vendor: https://profiles.wordpress.org/minimus/
#Affected version: Simple Ads Manager 2.5.94
#Download link: https://wordpress.org/plugins/simple-ads-manager/
#CVE ID: CVE-2015-2825
#Author: Tran Dinh Tien (tien.d.tran () itas vn) & ITAS Team
::PROOF OF CONCEPT::
+ REQUEST
POST…
Posted by ITAS Team on Apr 05
#Vulnerability title: WordPress plugin Simple Ads Manager – Multiple SQL
Injection
#Product: WordPress plugin Simple Ads Manager
#Vendor: https://profiles.wordpress.org/minimus/
#Affected version: Simple Ads Manager 2.5.94 and 2.5.96
#Download link: https://wordpress.org/plugins/simple-ads-manager/
#CVE ID: CVE-2015-2824
#Author: Le Hong Minh (minh.h.le () itas vn) & ITAS Team
::PROOF OF CONCEPT::
—SQL INJECTION 1—
+ REQUEST:
POST…
Posted by ITAS Team on Apr 05
#Vulnerability title: WordPress plugin Simple Ads Manager – SQL Injection
#Product: WordPress plugin Simple Ads Manager
#Vendor: https://profiles.wordpress.org/minimus/
#Affected version: Simple Ads Manager 2.5.94 and 2.5.96
#Download link: https://wordpress.org/plugins/simple-ads-manager/
#CVE ID: CVE-2015-2824
#Author: Le Hong Minh (minh.h.le () itas vn) & ITAS Team
::PROOF OF CONCEPT::
—SQL INJECTION 1—
+ REQUEST:
POST…
Posted by VMware Security Response Center on Apr 02
————————————————————————
VMware Security Advisory
Advisory ID: VMSA-2015-0003
Synopsis: VMware product updates address critical information
disclosure issue in JRE.
Issue date: 2015-04-02
Updated on: 2015-04-02 (Initial Advisory)
CVE number: CVE-2014-6593, for other CVEs see JRE reference…
Posted by Tod Beardsley on Apr 01
# Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936)
## Product Description
Ceragon produces a series of ruggedized, microwave backhaul devices used
to provide connectivity to mobile, IP-based devices; usually, these
devices are found in either large industrial environments, or installed
on towers to provide “middle-mile” connectivity to mobile customers on
behalf of ISPs. In other words, a FibeAir IP-10 typically acts as a…
Posted by Antonio Quina on Apr 01
We have released SPARTA 1.0.2 BETA with some bug fixes and new features.
Read about it: http://sparta.secforce.com/2015/03/sparta-1-0-2-beta-released/
Download: https://github.com/SECFORCE/sparta