Posted by Vulnerability Lab on Dec 16
Document Title:
===============
RelateIQ Bug Bounty #1 – Persistent Signup Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1320
Video: http://www.vulnerability-lab.com/get_content.php?id=1332
Release Date:
=============
2014-12-02
Vulnerability Laboratory ID (VL-ID):
====================================
1320
Common Vulnerability Scoring System:
====================================…
Posted by Vulnerability Lab on Dec 16
Document Title:
===============
Konakart v7.3.0.1 CMS – CS Cross Site Web Vulnerability
References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1362
Release Date:
=============
2014-12-04
Vulnerability Laboratory ID (VL-ID):
====================================
1362
Common Vulnerability Scoring System:
====================================
2.4
Product & Service Introduction:…
Posted by Vulnerability Lab on Dec 16
Document Title:
===============
Elefant CMS v1.3.9 – Persistent Name Update Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1365
Release Date:
=============
2014-12-03
Vulnerability Laboratory ID (VL-ID):
====================================
1365
Common Vulnerability Scoring System:
====================================
3.9
Product & Service Introduction:…
Posted by Vulnerability Lab on Dec 16
Document Title:
===============
Fuzzylime v3.03b CMS – CS Cross Scripting Vulnerability
References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1357
Release Date:
=============
2014-12-02
Vulnerability Laboratory ID (VL-ID):
====================================
1357
Common Vulnerability Scoring System:
====================================
2.4
Product & Service Introduction:…
Posted by Vulnerability Lab on Dec 16
Document Title:
===============
iWifi for Chat v1.1 iOS – Denial of Service Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1375
Release Date:
=============
2014-12-16
Vulnerability Laboratory ID (VL-ID):
====================================
1376
Common Vulnerability Scoring System:
====================================
4.6
Product & Service Introduction:…
Posted by Vulnerability Lab on Dec 16
Document Title:
===============
iUSB v1.2 iOS – Arbitrary Code Execution Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1374
Release Date:
=============
2014-12-10
Vulnerability Laboratory ID (VL-ID):
====================================
1374
Common Vulnerability Scoring System:
====================================
8.7
Product & Service Introduction:…
RelateIQ suffered from a mail encoding flaw that allowed for malicious script insertion.
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable.
Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa.