Category Archives: Full Disclosure

Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition (Build 8)

Posted by Rv3Lab.org on Aug 12

###################################################

01. ### Advisory Information ###

Title: Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime
Edition (Build 8)
Date published: n/a
Date of last update: n/a
Vendors contacted: ColoradoFTP author Sergei Abramov
Discovered by: Rv3Laboratory [Research Team]
Severity: High

02. ### Vulnerability Information ###

OVE-ID: OVE-20160718-0006
CVSS v2 Base Score: 8.5
CVSS v2 Vector:…

CVE-2016-6483 – vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF)

Posted by Dawid Golunski on Aug 12

vBulletin
CVE-2016-6483

vBulletin software is affected by a SSRF vulnerability that allows
unauthenticated remote attackers to access internal services (such as mail
servers, memcached, couchDB, zabbix etc.) running on the server
hosting vBulletin as well as services on other servers on the local
network that are accessible from the target.

The following versions are affected:

vBulletin <= 5.2.2
vBulletin <= 4.2.3
vBulletin <=…

[CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1

Posted by Pedro Ribeiro on Aug 12

tl;dr

RCE, file download, weak encryption and user impersonation, all of which
can be exploited by an unauthenticated attacker in WebNMS Framework 5.2
and 5.2 SP1.

A special thanks to Beyond Security and their SSD program, which helped
disclose the vulnerabilities. See their advisory at
https://blogs.securiteam.com/index.php/archives/2712

My full advisory can be seen below, and a copy can be obtained at the
github repo…

Stored XSS in Advanced Custom Fields: Table Field allows authenticated users to do almost anything an admin user can (WordPress plugin)

Posted by dxw Security on Aug 12

Details
================
Software: Advanced Custom Fields: Table Field
Version: 1.1.12
Homepage: https://wordpress.org/plugins/advanced-custom-fields-table-field/
Advisory report:
https://security.dxw.com/advisories/xss-in-advanced-custom-fields-table-field-could-allow-authenticated-users-to-do-almost-anything-an-admin-user-can/
CVE: Awaiting assignment
CVSS: 4.9 (Medium; AV:N/AC:M/Au:S/C:P/I:P/A:N)

Description
================
Stored XSS in…

DDanchev's Blog Going Private – Request Access

Posted by Ddanchev on Aug 12

Hi, everyone,

As, of, today, my, blog – http://ddanchev.blogspot.com is going, private, and, I, decided, to, let, everyone, know, on,
how, to, request, access, to, continue, to, maintain, access, to, the, blog.

[http://ddanchev.blogspot.com/2016/08/ddanchevs-blog-going-private-request.html](http://ddanchev.blogspot.de/2016/08/ddanchevs-blog-going-private-request.html)

Looking forward to receiving your response.

Let me know.

Thanks,
Dancho

Defense in depth — the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP%

Posted by Stefan Kanthak on Aug 12

Hi @ll,

several of Microsoft’s Sysinternals utilities extract executables
to %TEMP% and run them from there; the extracted executables are
vulnerable to DLL hijacking, allowing arbitrary code execution in
every user account and escalation of privilege in “protected
administrator” accounts [*].

* CoreInfo.exe:
extracts on x64 an embedded CoreInfo64.exe to %TEMP% which loads
%TEMP%\VERSION.DLL (on Windows Vista and newer)…

Executable installers are vulnerable^WEVIL (case 38): Microsoft's Windows10Upgrade*.exe allows elevation of privilege

Posted by Stefan Kanthak on Aug 12

Hi @ll,

the “Windows 10 Upgrade Assistant” Windows10Upgrade*.exe,
available via <http://go.microsoft.com/fwlink/?LinkId=822783> on
<https://www.microsoft.com/en-us/accessibility/windows10upgrade>,
via <http://go.microsoft.com/fwlink/?LinkId=821403> on
<https://support.microsoft.com/en-us/help/12387/windows-10-update-history>,
and on <https://www.microsoft.com/en-us/software-download/windows10>,

1. is…

NEW VMSA-2016-0011 – vRealize Log Insight update addresses directory traversal vulnerability.

Posted by VMware Security Response Center on Aug 12

------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2016-0011
Severity: Moderate
Synopsis: vRealize Log Insight update addresses directory traversal
vulnerability.
Issue date: 2016-08-11
Updated on: 2016-08-11 (Initial Advisory)
CVE number: CVE-2016-5332

1. Summary

vRealize Log Insight update addresses directory…

QuickerBB 0.7.0 – Register Cross Site Scripting Vulnerability

Posted by Vulnerability Lab on Aug 11

Document Title:
===============
QuickerBB 0.7.0 – Register Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1895

Release Date:
=============
2016-08-11

Vulnerability Laboratory ID (VL-ID):
====================================
1895

Common Vulnerability Scoring System:
====================================
3.2

Product & Service Introduction:…

Microsoft Education – Stored Cross Site Web Vulnerability

Posted by Vulnerability Lab on Aug 11

Document Title:
===============
Microsoft Education – Stored Cross Site Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1897

Release Date:
=============
2016-08-10

Vulnerability Laboratory ID (VL-ID):
====================================
1897

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:…