Category Archives: Full Disclosure

Full Disclosure

CSRF/stored XSS in WordPress Firewall 2 allows unauthenticated attackers to do almost anything an admin can (WordPress plugin)

April 6, 2017 007admin Leave a comment

Posted by dxw Security on Apr 06

Details
================
Software: WordPress Firewall 2
Version: 1.3
Homepage: https://wordpress.org/plugins/wordpress-firewall-2/
Advisory report:
https://security.dxw.com/advisories/csrfstored-xss-in-wordpress-firewall-2-allows-unauthenticated-attackers-to-do-almost-anything-an-admin-can/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
CSRF/stored XSS in WordPress Firewall 2 allows…

Full Disclosure

APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android

April 6, 2017 007admin Leave a comment

Posted by Apple Product Security on Apr 06

APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android

Apple Music 2.0 for Android is now available and addresses the
following:

Apple Music
Available for: Android version 4.3 or later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: A certificate validation issue existed in Apple Music
for Android. This issue was addressed through improved certificate
validation.
CVE-2017-2387: David…

Full Disclosure

QNAP QTS multiple RCE vulnerabilities (CVE-2017-6361, CVE-2017-6360, CVE-2017-6359)

April 6, 2017 007admin Leave a comment

Posted by Harry Sintonen on Apr 06

QNAP QTS multiple RCE vulnerabilities
=====================================
The latest version of this advisory is available at:
https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt

Overview
——–

QNAP QTS firmware contains multiple Command Injection (CWE-77)
vulnerabilities that can be exploited to gain remote command execution
on the devices.

Description
———–

QNAP QTS web user interface CGI binaries include…

Full Disclosure

Apple Music Android Application – MITM SSL Certificate Vulnerability (CVE-2017-2387)

April 6, 2017 007admin Leave a comment

Posted by David Coomber on Apr 06

Apple Music Android Application – MITM SSL Certificate Vulnerability
(CVE-2017-2387)

Full Disclosure

Spiceworks 7.5 TFTP Improper Access Control File Overwrite / Upload

April 6, 2017 007admin Leave a comment

Posted by hyp3rlinx on Apr 06

[+] Credits: John Page AKA HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt
[+] ISR: APPARITIONSEC

Vendor:
==================
www.spiceworks.com

Product:
=================
Spiceworks – 7.5

Provides network inventory and monitoring of all the devices on the network
by discovering IP-addressable devices.
It can be configured to provide…

Full Disclosure

iPlatinum iOneView Multiple Parameter Reflected XSS

April 4, 2017 007admin Leave a comment

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/iplatinum-ioneview-multiple-parameter-reflected-xss.html

Date:
04-Apr-2017

Product:
iPlatinum iOneView

Versions affected:
Unknown.

Vulnerabilities:

1) Cross-site scripting:

http://[target]/ioneview/admin/main.pl?cmd=<script>alert(document.cookie)</script>
http://[target]/ioneview/admin/main.pl?_username="><script>alert(document.cookie)</script>…

Full Disclosure

Kaseya information disclosure vulnerability

April 4, 2017 007admin Leave a comment

Posted by Patrick Webster via Fulldisclosure on Apr 04

https://www.osisecurity.com.au/kaseya-information-disclosure-vulnerability.html

Date:
04-Apr-2017

Product:
Kaseya VSA

Versions affected:
9.02.00.04

Vulnerability:

Installations of Kaseya contain the following installation page:
https://[target]/install/kaseya.html

When the product is installed, it cannot be installed again. However,
if you go to that page when it is installed, it reveals sensitive
information to the internet at large,…

Full Disclosure