Posted by Tien Tran Dinh on Jan 21
#Vulnerability title: Arbitrary File Upload in articleFR CMS 3.0.5
#Product: articleFR CMS
#Vendor: http://freereprintables.com
#Download link: https://github.com/articlefr/articleFR
#Affected version: version 3.0.5
#Fixed version: N/A
#Author: Tran Dinh Tien (tien.d.tran () itas vn) & ITAS Team (www.itas.vn)
::DESCRIPTION::
- Vulnerabilities related to the upload of unexpected file types are unique
in that the upload should quickly…
Posted by SECUPENT Research Center on Jan 20
Exploit Title: WebGUI 7.10.29 stable version Cross site scripting vulnerability
Software Link: http://www.webgui.org/download
Author: SECUPENT
Website: www.secupent.com
Email: research{at}secupent{dot}com
Date: 17-1-2015
Version: 7.10.29. Previous versions may be vulnerable also.
Vulnerable area: http://localhost/style-underground/search
XSS PoC: 1" onmouseover=prompt(907460) bad="
Screenshot:
Link:…
Posted by Paris Zoumpouloglou on Jan 20
----------
Background
----------
Vorbis tools is a package containing tools to use, manipulate and create
Vorbis files.
----------------
Software Version
----------------
All tests were performed using vorbis-tools latest svn (Revision: 19440)
-----------
Description
-----------
During a fuzzing session (using afl-fuzzer) two issues were discovered
in the oggenc tool of vorbis-tools:
* a division by zero bug
* an integer overflow leading to…
Posted by Damien Cauquil on Jan 20
Introduction
============
Since 2010, Sysdream has organized the “Hack In Paris” event in Paris,
France. Aiming to bring together security professionals and enthusiasts,
Hack In Paris will focus on the latest advances in IT security. Hack In
Paris will be held at a totally new location in Paris from June 15th to
19th, 2015.
The Nuit Du Hack will take place on June 20th at the same place.
Topics
======
The following list contains major…
Posted by Cristiano Maruti on Jan 20
===============================================================================
title: Virtual Appliance Security Review
case id: CM-2013-01
product: Barracuda Load Balancer ADC
vulnerability type: Multiple
severity: Medium to High
found: 2013-12-13
by: Cristiano Maruti (@cmaruti)…
Posted by Advisories on Jan 20
Mogwai Security Advisory MSA-2015-01
----------------------------------------------------------------------
Title: WP Pixarbay Images Multiple Vulnerabilities
Product: Pixarbay Images (WordPress Plugin)
Affected versions: 2.3
Impact: high
Remote: yes
Product link: https://wordpress.org/plugins/pixabay-images/
Reported: 14/01/2015
by: Hans-Martin Muench (Mogwai,…
Posted by Vulnerability Lab on Jan 19
Document Title:
===============
Banana Dance Wiki CMS b2.x – Multiple Web Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1407
Release Date:
=============
2015-01-16
Vulnerability Laboratory ID (VL-ID):
====================================
1407
Common Vulnerability Scoring System:
====================================
8.1
Product & Service Introduction:…
Posted by Vulnerability Lab on Jan 19
Document Title:
===============
SPSControl v1.2 iOS – (.spc) Persistent Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1404
Release Date:
=============
2015-01-16
Vulnerability Laboratory ID (VL-ID):
====================================
1404
Common Vulnerability Scoring System:
====================================
3.7
Product & Service Introduction:…
Posted by Veysel hataş on Jan 18
Title : VLC Player 2.1.5 DEP Access Violation Vulnerability
Discoverer: Veysel HATAS (@muh4f1z)
Web page : www.binarysniper.net
Vendor : VideoLAN VLC Project
Test: Windows XP SP3
Status: Not Fixed
Severity : High
CVE ID : CVE-2014-9597
OSVDB ID : 116450 <http://osvdb.org/show/osvdb/116450>
VLC Ticket : 13389 <https://trac.videolan.org/vlc/ticket/13389>
Discovered : 24 November 2014
Reported : 26 December 2014
Published : 9…
Posted by Thomas Hibbert on Jan 18