Category Archives: Full Disclosure

Full Disclosure

Webshop hun v1.062S Information Leakage (Full Path Disclosure – FPD) Security Vulnerabilities

Posted by Jing Wang on Mar 07

*Webshop hun v1.062S Information Leakage (Full Path Disclosure – FPD)
Security Vulnerabilities*

Exploit Title: Webshop hun v1.062S /index.php termid parameter Information
Leakage Security Vulnerabilities
Product: Webshop hun
Vendor: Webshop hun
Vulnerable Versions: v1.062S
Tested Version: v1.062S
Advisory Publication: March 07, 2015
Latest Update: March 07, 2015
Vulnerability Type: Information Exposure [CWE-200]
CVE Reference: *
Impact CVSS…

NetCat CMS Multiple XSS (Cross-site Scripting) Security Vulnerabilities

Posted by Jing Wang on Mar 07

*NetCat CMS Multiple XSS (Cross-site Scripting) Security Vulnerabilities*

Exploit Title: NetCat CMS Multiple XSS Security Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
Tested Version: 3.12
Advisory Publication: March 07, 2015
Latest Update: March 07, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS…

NetCat CMS Multiple HTTP Response Splitting (CRLF) Security Vulnerabilities

Posted by Jing Wang on Mar 07

*NetCat CMS Multiple HTTP Response Splitting (CRLF) Security
Vulnerabilities*

Exploit Title: NetCat CMS Multiple CRLF Security Vulnerabilities
Product: NetCat CMS (Content Management System)
Vendor: NetCat
Vulnerable Versions: 5.01 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1
Tested Version: 3.12
Advisory Publication: Mar 07, 2015
Latest Update: Mar 07, 2015
Vulnerability Type: Improper Neutralization of CRLF Sequences (‘CRLF…

WordPress Daily Edition Theme v1.6.2 Unrestricted Upload of File Security Vulnerabilities

Posted by Jing Wang on Mar 07

*WordPress Daily Edition Theme v1.6.2 Unrestricted Upload of File Security
Vulnerabilities*

Exploit Title: WordPress Daily Edition Theme v1.6.2 /thumb.php src
Parameter Unrestricted Upload of File Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.2
Tested Version: v1.6.2
Advisory Publication: Mar 07, 2015
Latest Update: Mar 07, 2015
Vulnerability Type: Unrestricted Upload of File with…

WordPress Daily Edition Theme v1.6.2 SQL Injection Security Vulnerabilities

Posted by Jing Wang on Mar 07

*WordPress Daily Edition Theme v1.6.2 SQL Injection Security
Vulnerabilities*

Exploit Title: WordPress Daily Edition Theme v1.6.2 /fiche-disque.php id
Parameters SQL Injection Security Vulnerabilities
Product: WordPress Daily Edition Theme
Vendor: WooThemes
Vulnerable Versions: v1.6.2
Tested Version: v1.6.2
Advisory Publication: Mar 07, 2015
Latest Update: Mar 07, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an…

Re: Java 8u40 released: why?

Posted by paul . szabo on Mar 06

Yes, they changed the wording since I wrote that! Noting that 7u75/76
are not new now, but were released in January.

Seems that 8u40 is simply a usability release; previous must have been
very bad, unusual that Oracle would release out-of-band.

Thanks, Paul

Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia

Re: Partial pointer leaks

Posted by Robert Święcki on Mar 06

2015-03-03 18:38 GMT-08:00 Christophe Hauser <christophe () cs ucsb edu>:

I’m not sure if that’s what you look for, but certain perf operations
leak one or two addresses from the kernel space in the default Ubuntu
configuration. It’s possible to write a short PoC, but it might take a
few mins, instead feel free to compile and use
https://code.google.com/p/honggfuzz/source/checkout – which serves
other purpose, but uses…

ProjectSend r561 – SQL injection vulnerability

Posted by ITAS Team on Mar 05

#Vulnerability title: ProjectSend r561 – SQL injection vulnerability
#Product: ProjectSend r561
#Vendor: http://www.projectsend.org/
#Affected version: ProjectSend r561
#Download link: http://www.projectsend.org/download/67/
#Fixed version: N/A
#Author: Le Ngoc Phi (phi.n.le () itas vn) & ITAS Team (www.itas.vn)

::PROOF OF CONCEPT::

+ REQUEST:
GET /projectsend/users-edit.php?id=<SQL INJECTION HERE> HTTP/1.1
Host: target.org…

Re: Java 8u40 released: why?

Posted by Gsunde Orangen on Mar 05

I’d be interested in that, too.
In case this out-of-band release is about an important security fix,
then either this is something new (details still to be disclosed).
Or it is associated with CVE-2014-6593 (e.g. incomplete or buggy fix in
the January release)? The details (named as “SKIP-TLS”) had been
disclosed just this week along with the “FREAK” attack (see
https://www.smacktls.com/#skip). Former descriptions of…