It was discovered that the Websense Data Security block page processes user-controllable data insecurely, rendering the block page vulnerable to cross site scripting.
Monthly Archives: March 2015
Websense Explorer Missing Access Control
It was discovered that no access control is enforced on the explorer_wse path, which is exposed through the web server. An attacker can abuse this issue to download any file exposed by this path, including security reports and Websense Explorer configuration files.
Websense Triton Source Code Disclosure
Websense Triton is affected by a source code disclosure vulnerability. By appending a double quote character after JSP URLs, Websense will return the source code of the JSP instead of executing the JSP. An attacker can use this issue to inspect parts of Websense’s source code in order to gain more knowledge about Websense’s internals.
Websense Appliance Manager Command Injection
A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like cross site scripting, to perform remote unauthenticated attacks that compromise the appliance.
Websense Email Security Cross Site Scripting
Websense Data Security DLP Incident Forensics Preview XSS
Users of Websense Data Security that are reviewing DLP incidents can be attacked via cross site scripting. This issue can be exploited using a specially crafted email, or by sending a specially crafted HTTP request through the Websense proxy. The attacker-supplied code can perform a wide variety of attacks, such as stealing session tokens, login credentials, performing arbitrary actions as victims, or logging victims’ keystrokes.
Joomla ECommerce-WD 1.2.5 SQL Injection
Joomla ECommerce-WD plugin version 1.2.5 suffers from multiple remote SQL injection vulnerabilities.
Apple Security Advisory 2015-03-17-1
Apple Security Advisory 2015-03-17-1 – Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address multiple WebKit vulnerabilities.
Web-Dorado ECommerce-WD for Joomla plugin multiple unauthenticated SQL injections
Posted by Brandon Perry on Mar 19
Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple
unauthenticated SQL injections available via the advanced search
functionality.
http://extensions.joomla.org/extension/ecommerce-wd
The vulnerable parameters are search_category_id, sort_order, and
filter_manufacturer_ids within the following request:
POST /index.php?option=com_ecommercewd&controller=products&task=displayproducts HTTP/1.1
Host: 172.31.16.49
User-Agent:…
Chamilo LMS 1.9.10 Multiple XSS & CSRF Vulnerabilities
Posted by Rehan Ahmed on Mar 19
I. Overview
========================================================
Chamilo LMS 1.9.10 or prior versions are prone to multiple Cross-Site Scripting (Stored + Reflected) & CSRF
vulnerabilities. These vulnerabilities allow an attacker to gain control over valid user accounts in the LMS, perform
operations on their behalf, redirect them to malicious sites, steal their credentials, and more.
II. Severity…