Full Disclosure
Posted by Rio Sherri on Sep 29
# Title : KeepNote 0.7.8 Remote Command Execution
# Date : 29/09/2016
# Author : R-73eN
# Twitter : https://twitter.com/r_73en
# Tested on : KeepNote 0.7.8 (Kali Linux , and Windows 7)
# Software : http://keepnote.org/index.shtml#download
# Vendor : ~
#
# DESCRIPTION:
#
# When the KeepNote imports a backup which is actuallt a tar.gz file
doesn’t checks for ” ../ ” characters
# which makes it possible to do a path traversal and…
Posted by Larry W. Cashdollar on Sep 28
Title: Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-16
Download Site: http://huge-it.com/joomla-catalog/
Vendor: huge-it.com
Vendor Notified: 2016-09-17
Vendor Contact: info () huge-it com
Description:
Huge-IT Product Catalog is made for demonstration, sale, advertisements for your products. Imagine a stand with a
variety of catalogs with a specific product category. To…
Posted by Larry W. Cashdollar on Sep 28
Title: Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-15
Download Site: http://huge-it.com/joomla-video-gallery/
Vendor: www.huge-it.com, fixed v1.1.0
Vendor Notified: 2016-09-17
Vendor Contact: info () huge-it com
Description: A video slideshow gallery.
Vulnerability:
The following code does not prevent an unauthenticated user from injecting SQL into functions located…
Posted by Matteo Beccati on Sep 28
========================================================================
Revive Adserver Security Advisory REVIVE-SA-2016-002
========================================================================
http://www.revive-adserver.com/security/revive-sa-2016-002
========================================================================
CVE-IDs: TBA
Date: 2016-09-28
Risk Level: Medium…
Posted by Pierre Kim on Sep 28
## Advisory Information
Title: Multiple vulnerabilities found in the Dlink DWR-932B (backdoor,
backdoor accounts, weak WPS, RCE …)
Advisory URL: https://pierrekim.github.io/advisories/2016-dlink-0x00.txt
Blog URL: https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html
Date published: 2016-09-28
Vendors contacted: Dlink
Release mode: Released
CVE: no current CVE
DWF: no current DWF
## Product Description…
Posted by Rio Sherri on Sep 28
# Title : Symantec Messaging Gateway <= 10.6.1 Directory Traversal
# Date : 28/09/2016
# Author : R-73eN
# Tested on : Symantec Messaging Gateway 10.6.1 (Latest)
# Software :
https://www.symantec.com/products/threat-protection/messaging-gateway
# Vendor : Symantec
# CVE : CVE-2016-5312
# DESCRIPTION:
# A charting component in the Symantec Messaging Gateway control center
does not properly sanitize user input submitted for charting requests.
#…
Posted by Vulnerability Lab on Sep 28
Award 2016 “Glas of Reason” (Glas der Vernunft) for Edward Snowden
(10.000€) @snowden
–
Security Press Articles
http://www.mirror.co.uk/news/world-news/german-city-gives-nsa-whistleblower-8913033
http://www.bild.de/wa/ll/bild-de/unangemeldet-42925516.bild.html
http://www.stern.de/panorama/kasseler-buergerpreis-geht-an-edward-snowden-7073662.html
http://www.zdnet.de/88272377/glas-der-vernunft-kasseler-buerger-ehren-edward-snowden/…
Posted by Simon Rawet on Sep 27
Hi Fernando,
Do you have a timeline for this issue?
Additionally do you have any contact details for the w3tc team you could
share? All my attempts to contact them have fallen short.
Posted by Mark Koek on Sep 27
I think the term is ‘remote privilege escalation’ (as opposed to local
privilege escalation). As a headline I’d suggest ‘remote privilege
escalation from any mysql user to root’.
Mark
Posted by TRUEL IT | Leone Pontorieri on Sep 27
[+]####################################################################################################
|
| Title: Adobe Flash local-with-filesystem sandbox bypass via navigateToURL() and UI redressing
| Author: Leone Pontorieri
| <leone [dot] pontorieri [at] truel [dot] it>
| https://www.truel.it
| Product: Adobe Flash
| <= 23 (before September 13, 2016)
| Changelog:…