Full Disclosure
Posted by Dan Ballance on Feb 13
Does anyone know if Microsoft have patched this yet?
Posted by Alfie John on Feb 13
If this does work, you’d be able to enumerate _all_ Facebook users and
delete _all_ public comments. I’d say that’s pretty critical.
Alfie
Posted by Steffen Rösemann on Feb 13
Advisory: Reflecting XSS vulnerabilities, unrestricted file upload and
underlying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta
version)
Advisory ID: SROEADV-2015-14
Author: Steffen Rösemann
Affected Software: Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version)
Vendor URL: https://github.com/kneecht/adminsystems
Vendor Status: will be patched
CVE-ID: –
==========================
Vulnerability Description:…
Posted by Peter Adkins on Feb 13
Reported by:
----
Peter Adkins <peter.adkins () kernelpicnic.net>
Access:
----
Local network; unauthenticated access.
Remote network; unauthenticated access*.
Tracking and identifiers:
----
CVE – Mitre contacted; not yet allocated.
Platforms / Firmware confirmed affected:
----
NetGear WNDR3700v4 – V1.0.0.4SH
NetGear WNDR3700v4 – V1.0.1.52
NetGear WNR2200 – V1.0.1.88
NetGear WNR2500 – V1.0.0.24
Additional platforms believed to be…
Posted by W S on Feb 13
The vulnerability is related to insufficient filtering in HTMLawed. The existing filter can be bypassed and an onerror
event pasted into the HTML <img> tag, which leads to stored XSS.
I notified the developers of the existing vulnerabilities and they closed it in version 2.1.1
proof:
http://vanillaforums.org/discussion/27540/vanilla-2-1-1-important-security-bug-release
vulnerable versions:
2.0 to 2.1.1
maybe 1.* versions
my XSS exploit:…
Posted by Scott Arciszewski on Feb 13
Since my last post, I have learned from Andrew Nacin (the lead developer of
WordPress and security team member that I was corresponding with) that my
emails weren’t ignored, they were lost to an aggressive spam filter.
Despite this, he has admitted fault for not following up on the bug report.
Before the spam filter blackholed my emails, I was communicating with the
security team about a separate enhancement (using openssl to sign their…
Posted by Jing Wang on Feb 13
*CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities
Product: vBulletin Forum
Vendor: vBulletin
Vulnerable Versions: 5.1.3 5.0.5 4.2.2 3.8.7 3.6.7 3.6.0 3.5.4
Tested Version: 5.1.3 4.2.2
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-9469
CVSS…
Posted by Jing Wang on Feb 13
*CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities*
Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Security
Vulnerabilities
Product: Cit-e-Access
Vendor: Cit-e-Net
Vulnerable Versions: Version 6
Tested Version: Version 6
Advisory Publication: Feb 12, 2015
Latest Update: Feb 12, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-8753
CVSS Severity (version 2.0):
CVSS v2…
Posted by Brandon Perry on Feb 13
Couldn’t find anyone to contact regarding this, so dropping it.
eTouch SamePage v4.4.0.0.239 multiple vulnerabilities
http://www.etouch.net/products/samepage/index.html
Enterprise trial was installed in an Ubuntu virtual machine with MySQL. By default, the listening port is 18080.
Required on the Ubuntu machine to install the SamePage binary successfully:
sudo apt-get install libstdc++6:i386 libc6:i386 libXext6:i386 mysql-server
Trial…