Category Archives: Full Disclosure

Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF

Posted by Eric Flokstra on Feb 21

====================================================
Product: Easy Social Icons WordPress plugin
Vendor: CyberNetikz
Tested Version: 1.2.2
Vulnerability Type: XSS [CWE-79] and CSRF [CWE-352]
Risk Level: Medium
Solution Status: Solved in version 1.2.3
Discovered and Provided: Eric Flokstra – ITsec Security Services
====================================================
[-] About the Vendor:

Easy Social Icons is a WordPress plugin and can be used to…

WooCommerce WordPress plugin 2.2.10 Reflected XSS

Posted by Eric Flokstra on Feb 21

====================================================
Product: WooCommerce WordPress plugin
Vendor: WooThemes
Tested Version: 2.2.10
Vulnerability Type: Cross-Site Scripting [CWE-79]
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Solved in version 2.2.11
Discovered and Provided: Eric Flokstra – ITsec Security Services
====================================================
[-] About the Vendor:

WooCommerce is…

PHP Code Execution in jui_filter_rules Parsing Library

Posted by Timo Schmid on Feb 18

PHP Code Execution in jui_filter_rules Parsing Library
======================================================
Researcher: Timo Schmid <tschmid () ernw de>

Description
===========
jui_filter_rules[1] is a jQuery plugin which allows users to generate a ruleset
which could be used to filter datasets inside a web application.

The plugin also provides a PHP library to turn the user submitted ruleset into
SQL where statements for server side…

Reflected File Download in AOL Search Website

Posted by Ricardo Iramar dos Santos on Feb 18

Oren Hafif reported a new kind of attack called Reflected File Download
(https://www.blackhat.com/eu-14/briefings.html#reflected-file-download-a-new-web-attack-vector)
at the Black Hat Europe 2014 conference.
More details about the attack can be found in his public presentation:
https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf
Google and Bing have already fixed the vulnerability but…

Reflecting XSS- and SQL injection-vulnerabilities in the administrative backend of Piwigo <= v. 2.7.3

Posted by Steffen Rösemann on Feb 18

Advisory: Reflecting XSS- and SQL Injection vulnerability in CMS Piwigo <= v. 2.7.3
Advisory ID: SROEADV-2015-06
Author: Steffen Rösemann
Affected Software: CMS Piwigo <= v. 2.7.3 (Release date: 9th January 2015)
Vendor URL: http://piwigo.org
Vendor Status: patched
CVE-ID: –

==========================
Vulnerability Description:
==========================

Piwigo <= v. 2.7.3 suffers from a reflecting XSS and a SQL injection in its…

[CVE-REQUEST] Multiple vulnerabilities on GLPI

Posted by Stiehl on Feb 18

Multiple vulnerabilities have been identified in GLPI
(http://www.glpi-project.org).

1/ Arbitrary file upload
Severity: Important

Versions Affected
=================
All versions between 0.85 and 0.85.2

Description
===========
When a user wants to create a new ticket, he has the possibility to add
an attachment. If for example he wants to add a file named “test.php”,
with or without adding the ticket, the file will be temporarily uploaded
to…

Crushftp 7.2.0 – Multiple CSRF & XSS Vulnerabilities

Posted by Rehan Ahmed on Feb 18

========================================================
I. Overview
========================================================
Multiple CSRF & Cross-Site Scripting (XSS) vulnerabilities have been identified in
Crushftp 7.2.0 (Web Interface) on default configuration. These vulnerabilities allow
an attacker to gain control over valid user accounts, perform operations
on their behalf, redirect them to malicious sites, steal their…

CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities

Posted by Jing Wang on Feb 18

*CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities*

Exploit Title: InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities
Product: InstantForum.NET
Vendor: InstantASP
Vulnerable Versions: v4.1.3 v4.1.1 v4.1.2 v4.0.0 v4.1.0 v3.4.0
Tested Version: v4.1.3 v4.1.1 v4.1.2
Advisory Publication: Feb 18, 2015
Latest Update: Feb 18, 2015
Vulnerability…

DLGuard SQL Injection Security Vulnerabilities

Posted by Jing Wang on Feb 18

DLGuard SQL Injection Security Vulnerabilities

Exploit Title: DLGuard /index.php c parameter SQL Injection Security Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v4.5
Tested Version: v4.5
Advisory Publication: Feb 18, 2015
Latest Update: Feb 18, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89)
CVE Reference: *
Credit: Wang Jing [Mathematics, Nanyang…

DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities

Posted by Jing Wang on Feb 18

*DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities*

Exploit Title: DLGuard /index.php c parameter Full Path Disclosure Security Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v4.5
Tested Version: v4.5
Advisory Publication: Feb 18, 2015
Latest Update: Feb 18, 2015
Vulnerability Type: Information Exposure [CWE-200]
CVE Reference: *
Credit: Wang Jing [Mathematics, Nanyang Technological University,…