Category Archives: Full Disclosure

Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin

Posted by Summer of Pwnage on Aug 01

————————————————————————
Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin
————————————————————————
Yorick Koster, July 2016

————————————————————————
OVE ID
————————————————————————
OVE-20160724-0021…

Car CMS v3.00.30 – Search Cross Site Scripting Vulnerability

Posted by Vulnerability Lab on Aug 01

Document Title:
===============
Car CMS v3.00.30 – Search Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1891

Release Date:
=============
2016-08-01

Vulnerability Laboratory ID (VL-ID):
====================================
1891

Common Vulnerability Scoring System:
====================================
3.2

Product & Service Introduction:…

Fortinet FortiManager & FortiAnalyzer – (filename) Persistent Web Vulnerability

Posted by Vulnerability Lab on Aug 01

Document Title:
===============
Fortinet FortiManager & FortiAnalyzer – (filename) Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1687

Fortinet PSIRT ID: 1624561

Release Notes #1: http://docs.fortinet.com/uploaded/files/2796/fortios-5.4.0-release-notes.pdf
Release Notes #2: http://docs.fortinet.com/uploaded/files/2861/fortios-v5.2.6-release-notes.pdf
Release Notes…

Stored Cross-Site Scripting vulnerability in WP Live Chat Support WordPress Plugin

Posted by Summer of Pwnage on Aug 01

————————————————————————
Stored Cross-Site Scripting vulnerability in WP Live Chat Support
WordPress Plugin
————————————————————————
Dennis Kerdijk <dennis.at.securelabs.nl> & Erwin Kievith
<erwin.at.securelabs.nl>, July 2016

————————————————————————
Abstract…

Cross-Site Scripting in Contact Bank WordPress Plugin

Posted by Summer of Pwnage on Aug 01

————————————————————————
Cross-Site Scripting in Contact Bank WordPress Plugin
————————————————————————
Yorick Koster, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the Contact Bank…

SQL injection vulnerability in Booking Calendar WordPress Plugin

Posted by Summer of Pwnage on Aug 01

————————————————————————
SQL injection vulnerability in Booking Calendar WordPress Plugin
————————————————————————
Edwin Molenaar, July 2016

————————————————————————
Abstract
————————————————————————
An SQL injection vulnerability exists in the Booking…

Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin

Posted by Summer of Pwnage on Aug 01

————————————————————————
Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin
————————————————————————
Edwin Molenaar, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in…

Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA

Posted by Summer of Pwnage on Jul 31

————————————————————————
Multiple vulnerabilities in All In One WP Security & Firewall plugin
login CAPTCHA
————————————————————————
Sipke Mellema, July 2016

————————————————————————
Abstract
————————————————————————
The login CAPTCHA provided by the…

Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin

Posted by Summer of Pwnage on Jul 31

————————————————————————
Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress
Plugin
————————————————————————
Bente Schopman, July 2016

————————————————————————
Abstract
————————————————————————
Multiple stored Cross-Site Scripting…

Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP

Posted by Summer of Pwnage on Jul 31

————————————————————————
Insert PHP WordPress Plugin allows authenticated user to execute
arbitrary PHP
————————————————————————
Marcel Vermeulen <vermeulen.mc.at.gmail.com> & Ed van der Vlies
<ecvdvlies.at.gmail.com>, July 2016

————————————————————————
Abstract…