Category Archives: Full Disclosure

[oss-security] CVE request – Airmail URLScheme render and file:// xss vulnerability

Posted by redrain root on Sep 12

Airmail is a popular email client on iOS and OS X.
I found a vulnerability in airmail of the latest version which could cause
a file:// xss and arbitrary file read.

Author: redrain, yu.hong () chaitin com
Date: 2016-08-15
Version: 3.0.2 and earlier
Platform: OS X and iOS
Site: http://airmailapp.com/
Vendor: http://airmailapp.com/
Vendor Notified: 2016-08-15

Vulnerability:
There is a file:// xss in airmail version 3.0.2 and earlier.
The app can…

Persistent Cross-Site Scripting in Woocommerce WordPress plugin

Posted by Summer of Pwnage on Sep 10

————————————————————————
Persistent Cross-Site Scripting in Woocommerce WordPress plugin
————————————————————————
Sipke Mellema, July 2016

————————————————————————
Abstract
————————————————————————
A vulnerability exists in the Woocommerce API that allows…

Authorization bypass in InfiniteWP Admin Panel

Posted by Summer of Pwnage on Sep 10

————————————————————————
Authorization bypass in InfiniteWP Admin Panel
————————————————————————
Sipke Mellema, July 2016

————————————————————————
Abstract
————————————————————————
An authorization bypass was found in the InfiniteWP Admin Panel that
allows…

Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin

Posted by Summer of Pwnage on Sep 10

————————————————————————
Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters
plugin
————————————————————————
Sipke Mellema, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found…

Command injection in InfiniteWP Admin Panel

Posted by Summer of Pwnage on Sep 10

————————————————————————
Command injection in InfiniteWP Admin Panel
————————————————————————
Sipke Mellema, July 2016

————————————————————————
Abstract
————————————————————————
The InfiniteWP Admin Panel can be used to execute arbitrary system
commands….

Heap 'two-write-where-and-what' format string (FMS) technique

Posted by bashis on Sep 08

/*

Author: bashis <mcw noemail eu>, 2016

Small example code of ‘two-write-where-and-what’ format string (FMS) and a description of how to possibly exploit it when
located on the heap.
Since the technique is ‘two-write-where-and-what’, it’s possible to jump to a lower target address than the FMS has
counted up to.
[You will need to check addresses of free() and target() to see if it’s matching this example; if not, you…

ELNet Energy & Electrical Power Meter – Multiple Vulnerabilities

Posted by Karn Ganeshen on Sep 08

*ELNet Energy & Electrical Power Meter – Multiple Vulnerabilities*

http://elnet.feniks-pro.com/Elnet-LT.php

http://www.elnet.cc/product/elnet-lt/

Powermeter with color graphic display for all electrical measurements and
harmonics, with TCP/IP and RS485 communication (ModBus and Bacnet), panel
mounted 96X96 mm.

*Product Description*

General

Simple operated menus.

– Multilingual support.
– Up to One year of energy data logging….

Multiple vulnerabilities – Powerlogic/Schneider Electric IONXXXX series Smart Meters

Posted by Karn Ganeshen on Sep 08

*Powerlogic/Schneider Electric IONXXXX series Smart Meters – Multiple
security issues*

*Impacted devices:*

*ION7300 and potentially all IONXXXX models (based off of Powerlogic)* For
example, Power Measurement Ltd. Meter ION 7330V283 ETH ETH7330V274
http://www.schneider-electric.com/download/hk/en/details/2254511-ETH-7330-V274/?reference=ETH7330V274

*About*
Power & Energy Monitoring System
Compact energy and power quality meters for feeders…