This whitepaper covers local privilege escalation attacks that exploit vulnerabilities in the client management software Empirum.
Monthly Archives: July 2015
The Events Calendar: Eventbrite Tickets 3.9.6 Cross Site Scripting
The WordPress Eventbrite Tickets plugin from The Events Calendar version 3.9.6 suffers from a cross site scripting vulnerability.
AjaxControlToolkit File Upload Directory Traversal
The AjaxControlToolkit prior to version 15.1 has a file upload directory traversal vulnerability that, on a poorly configured web server, can lead to remote code execution.
Slackware Security Advisory – mozilla-thunderbird Updates
Slackware Security Advisory – New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
FreiChat 9.6 SQL Injection
FreiChat version 9.6 suffers from a remote SQL injection vulnerability.
sysPass 1.0.9 SQL Injection
sysPass versions 1.0.9 and below suffer from a remote SQL injection vulnerability.
WordPress WP-PowerPlayGallery 3.3 File Upload / SQL Injection
WordPress WP-PowerPlayGallery plugin version 3.3 suffers from remote file upload and remote SQL injection vulnerabilities.
WordPress Floating Social Bar 1.1.5 Cross Site Scripting
WordPress Floating Social Bar version 1.1.5 suffers from a cross site scripting vulnerability.
Spoofed URLs: Homograph Attacks Revisited
How homograph attacks can present a spoofed, malicious link, and a case where a secure connection doesn’t guarantee a safe site.
The post Spoofed URLs: Homograph Attacks Revisited appeared first on We Live Security.
Privilege Escalation Via Client Management Software Part 1
This whitepaper covers local privilege escalation attacks that exploit vulnerabilities in the client management software FrontRange DSM.