PineApp Mail-SeCure Access Control Failure
Core Security Technologies Advisory - A security vulnerability was discovered in PineApp Mail-SeCure Suite, allowing a non-privileged attacker to get a root shell by sending a specially crafted command...
Packet Storm New Exploits For September, 2013
This archive contains all of the 156 exploits added to Packet Storm in September, 2013.
CodeCrypt 1.4
codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
XPATH Injection
This is a brief whitepaper that covers XPATH injection attacks and use cases.
WordPress Social Hashtag 2.0.0 Cross Site Scripting
WordPress Social Hashtag plugin version 2.0.0 suffers from a cross site scripting vulnerability.
Digital Whisper Electronic Magazine #45
Digital Whisper Electronic Magazine issue 45. Written in Hebrew.
WordPress Semper Fi Cross Site Scripting
The Semper Fi Web Design WordPress plugin suffers from a cross site scripting vulnerability due to the use of stripcslashes().
Facebook Port Scanning / Open Redirect
The Facebook debugger tool allows for arbitrary port scanning through Facebook's systems, based upon responses received for open ports versus closed ports. In addition to this, Facebook suffers from an...
ClipBucket Remote Code Execution
ClipBucket suffers from a remote code execution vulnerability that allows for a shell upload.
GLPI 0.84.1 Access Control / Code Injection
GLPI version 0.84.1 suffers from improper access control bypass and PHP code injection vulnerabilities.
Gnew 2013.1 PHP File Inclusion / SQL Injection
Gnew version 2013.1 suffers from file inclusion and remote SQL injection vulnerabilities.
Cisco Security Advisory 20131002-iosxr
Cisco Security Advisory - Cisco IOS XR Software version 4.3.1 contains a vulnerability that could result in complete packet memory exhaustion. Successful exploitation could render critical services on...
Drupal Quick Tabs 6.x / 7.x Access Bypass
Drupal Quick Tabs third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
Red Hat Security Advisory 2013-1402-01
Red Hat Security Advisory 2013-1402-01 - Adobe Reader allows users to view and print documents in Portable Document Format. Adobe Reader 9 reached the end of its support cycle on June 26, 2013, and...
SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution
This Metasploit module exploits the SEListCtrlX ActiveX installed with the SIEMENS Solid Edge product. The vulnerability exists on several APIs provided by the control, where user supplied input is...