Full Disclosure
Posted by gen type on Aug 24
#################################
Dotclear 2.9.1 SSRF/XSPA Vulnerability
#################################
[+] Software: https://dotclear.org/
[+] Author: Wiswat Aswamenakul
[+] Affected version: only tested on 2.9.1 (previous version might be
affected)
[+] Platform: tested on Ubuntu 14.04, PHP 5.5.9
[+] Description
Dotclear has a feature to import blog content through RSS feed.
Authenticated users could have access to this feature. The feature…
Posted by gen type on Aug 24
#############################################
Dotclear 2.9.1 Malicious File Upload Restriction Bypass
#############################################
[+] Software: https://dotclear.org/
[+] Author: Wiswat Aswamenakul
[+] Affected version: only tested on 2.9.1 (previous version might be
affected)
[+] Platform: tested on Ubuntu 14.04, PHP 5.5.9
[+] Description
Dotclear has a feature to upload files in Media Manager. However, by
default, there is a…
Posted by gen type on Aug 24
######################################
Dotclear 2.9.1 Directory Download Vulnerability
######################################
[+] Software: https://dotclear.org/
[+] Author: Wiswat Aswamenakul
[+] Affected version: only tested on 2.9.1 (previous version might be
affected)
[+] Platform: tested on Ubuntu 14.04, PHP 5.5.9
[+] Description
Authenticated users with media manager access permission are allowed to
download media directories in zip file…
Posted by Vulnerability Lab on Aug 24
FortiGuard Fortinet – Security Bulletins:
http://fortiguard.com/advisory/forticloud-cross-site-script-persistent-web-vulnerabilities
http://fortiguard.com/advisory/fortivoice-5-0-filter-bypass-persistent-web-vulnerabilities
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability-1
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-xss-vulnerability…
Posted by Onapsis Research on Aug 22
Correcting timeline:
7. Report Timeline
==================
– – 03/21/2015: Onapsis provides vulnerability information to SAP AG.
– – 04/14/2015: SAP reports fix is In Process.
– – 10/13/2015: SAP releases SAP Security Note 2203591 fixing the
vulnerability.
– – 07/20/2016: Onapsis Releases Security Advisory.
2016-08-19 11:53 GMT-03:00 Onapsis Research :
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Onapsis Security Advisory…
Posted by Florian Bogner on Aug 22
Horizontal Privilege Escalation/Code Injection in ownCloud’s Windows Client
Metadata
===================================================
Release Date: 17-08-2016
Author: Florian Bogner @ Kapsch BusinessCom AG (https://www.kapsch.net/kbc)
Affected versions: up to ownCloud’s Desktop client version 2.2.2
Tested on: Windows 7 64 bit
CVE : pending
URL: https://bogner.sh/2016/08/horizontal-privilege-escalation-in-ownclouds-windows-client/…
Posted by David Tomaschik on Aug 22
ObiHai ObiPhone – Multiple Vulnerabilities
——————————————
Introduction
============
Multiple vulnerabilities were discovered in the web management
interface of the ObiHai ObiPhone products. The Vulnerabilities were
discovered during a black box security assessment and therefore the
vulnerability list should not be considered exhaustive.
Affected Devices and Versions
=============================
ObiPhone 1032/1062…
Posted by psy on Aug 22
Hi FD,
I am glad to present a new release of this tool.
UFONet abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct
different attacks using; GET/POST, multithreading, proxies, origin
spoofing methods, cache evasion techniques, etc.
———
Screenshots:
http://ufonet.03c8.net/ufonet/ufonet-gui.png
http://ufonet.03c8.net/ufonet/ufonet-gui4.png
———
Video:…
Posted by x ksi on Aug 22
$ cat ./3rdparty.txt
Release (08.06.2015): Writeup with PHP PoC released
Update #1 (04.02.2016): JavaScript PoC created
Update #2 (16.06.2016): W3C SRI information added
Update #3 (01.08.2016): Added reference about the AdGholas
Update #4 (20.08.2016): Added reference about D. Trump site
Posted by Mevied, Matias on Aug 22
Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information
disclosure in EXPORT
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could access business
information indexed by the SAP system.
Risk Level: Low
2. Advisory Information
=======================
– Public Release Date: 07/20/2016
– Last Revised: 07/20/2016
– Security Advisory ID: ONAPSIS-2016-038
– Onapsis SVS ID: ONAPSIS-00235
– CVE:…
