Category Archives: Full Disclosure

Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT

Posted by Mevied, Matias on Aug 22

Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information
disclosure in EXPORT

1. Impact on Business
=====================
By exploiting this vulnerability an attacker could access business
information indexed by the SAP system.

Risk Level: Low

2. Advisory Information
=======================
– Public Release Date: 07/20/2016
– Last Revised: 07/20/2016
– Security Advisory ID: ONAPSIS-2016-038
– Onapsis SVS ID: ONAPSIS-00235
– CVE:…

New BlackArch Linux ISOs (2016.08.19) released

Posted by Black Arch on Aug 22

Dear list,

We’ve released the new BlackArch Linux ISOs along with many
improvements. They include more than 1500 tools now. The armv6h and
armv7h repositories are filled with about 1400 tools.

A short ChangeLog of the Live-ISOs:

– updated the BlackArch Linux installer
– include linux kernel 4.7.1
– added more than 100 new tools
– updated all blackarch tools
– updated all system packages
– updated menu entries for the…

Jaws CMS v1.1.1 – Privilege Escalate CSRF Vulnerability

Posted by Vulnerability Lab on Aug 22

Document Title:
===============
Jaws CMS v1.1.1 – Privilege Escalate CSRF Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1923

Release Date:
=============
2016-08-22

Vulnerability Laboratory ID (VL-ID):
====================================
1923

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:…

phpCollab v2.5 CMS – Privilege Escalate CSRF Vulnerability

Posted by Vulnerability Lab on Aug 22

Document Title:
===============
phpCollab v2.5 CMS – Privilege Escalate CSRF Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1911

Release Date:
=============
2016-08-17

Vulnerability Laboratory ID (VL-ID):
====================================
1911

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:…

AVS Audio Converter 8.2.1 – Buffer Overflow Vulnerability

Posted by Vulnerability Lab on Aug 22

Document Title:
===============
AVS Audio Converter 8.2.1 – Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1920

Release Date:
=============
2016-08-22

Vulnerability Laboratory ID (VL-ID):
====================================
1920

Common Vulnerability Scoring System:
====================================
6.3

Product & Service Introduction:…

ISPconfig v3.0.5.4 p6 – UI Exception & XSS Vulnerability

Posted by Vulnerability Lab on Aug 22

Document Title:
===============
ISPconfig v3.0.5.4 p6 – UI Exception & XSS Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1909

Release Date:
=============
2016-08-16

Vulnerability Laboratory ID (VL-ID):
====================================
1909

Common Vulnerability Scoring System:
====================================
3.5

Product & Service Introduction:…

Path traversal vulnerability in WordPress Core Ajax handlers

Posted by Summer of Pwnage on Aug 20

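------------------------------------------------------------------------
Path traversal vulnerability in WordPress Core Ajax handlers
------------------------------------------------------------------------
Yorick Koster, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------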
A path traversal vulnerability was found in the Core Ajax…

Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT

Posted by Onapsis Research on Aug 19

Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information
disclosure in EXPORT

1. Impact on Business
=====================
By exploiting this vulnerability an attacker could access business
information indexed by the SAP system.

Risk Level: Low

2. Advisory Information
=======================
– Public Release Date: 07/20/2016
– Last Revised: 07/20/2016
– Security Advisory ID: ONAPSIS-2016-038
– Onapsis SVS ID: ONAPSIS-00235
– CVE:…