WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities
# Exploit Title: WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS # Google Dork: inurl:"/wp-content/plugins/simply-poll # Date: 16.03.2013 # Exploit Author: m3tamantra # Vendor Homepage:...
Threat Outbreak Alert: Fake Order And Transfer Slip Notification E-mail...
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain an order and transfer slip notification for the recipient. The...
Threat Outbreak Alert: Fake American Express Payment Processing Notice E-mail...
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a payment processing notification for the recipient. The text...
Threat Outbreak Alert: Fake Purchase Order Payment Notification E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a purchase order payment notification for the recipient. The...
iKAT 2013 Release - Interactive Kiosk Attack Tool
iKAT - Interactive Kiosk Attack Tool v2013. Paul Craig - Paul () ha cked net. It is with my greatest of pleasure that I would like...
Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
Cisco IOS and Cisco IOS XE Type 4 Passwords Issue. Document ID: 33464. Revision 1.0. For Public Release 2013 March 18 16:00 UTC...
CVE-2013-1493 Zero Day Java Exploit
import java.applet.Applet; import java.awt.color.ColorSpace; import java.awt.image.BufferedImage; import java.awt.image.ColorConvertOp; import java.awt.image.ColorModel; import...
[CVE-2013-1854] Symbol DoS vulnerability in Active Record
Symbol DoS vulnerability in Active Record. There is a symbol DoS vulnerability in Active Record. This vulnerability has been assigned the CVE identifier CVE-2013-1854. Versions Affected: 3.2.x, 3.1.x,...
[CVE-2013-1855] XSS vulnerability in sanitize_css in Action Pack
XSS vulnerability in sanitize_css in Action Pack. There is an XSS vulnerability in the `sanitize_css` method in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2013-1855. Versions...
[CVE-2013-1856] XML Parsing Vulnerability affecting JRuby users
XML Parsing Vulnerability affecting JRuby users. There is a vulnerability in the JDOM backend to ActiveSupport's XML parser. This could allow an attacker to perform a denial of service attack or gain...
[CVE-2013-1857] XSS Vulnerability in the `sanitize` helper of Ruby on Rails
XSS Vulnerability in the `sanitize` helper of Ruby on Rails. There is an XSS vulnerability in the sanitize helper in Ruby on Rails. This vulnerability has been assigned the CVE identifier...
Remote command execution in Ruby Gem Command Wrap
Remote command execution in Ruby Gem Command Wrap. 3/15/2013. http://rubygems.org/gems/command_wrap Commands executed if the remote URL or filename contains the shell character ';'. The commands will be...
PayPal Chinese Web Application Information Disclosure
Title: PayPal Bug Bounty CN #60 - Information Disclosure DBMS. Date: 2013-03-19. References: http://www.vulnerability-lab.com/get_content.php?id=845 VL-ID: 845. Common Vulnerability...
Kali Linux Release Aftermath
Five days into the Kali Linux release at BlackHat EU in Amsterdam, and we’re still not fully recovered. Since the release, we’ve had just over 90,000 downloads, a dozen or so package updates, added...
Scripteen FunPhoto Mix Cross Site Scripting
Sami FTP Server 2.0.1 PUT Command Buffer Overflow
#!/usr/bin/python # Exploit Title: Sami FTP Server 2.0.1 PUT Command Buffer overflow (DEP Bypass) # Date: 17 Mar 2013 # Exploit Author: ne0z # Vendor Homepage: http://www.hatsecure.com # Version: Sami FTP...
Hacker Begins Distributing Confidential Memos Sent To Hillary Clinton On...
Armed with confidential memos to Hillary Clinton that were stolen from the e-mail account of a former White House aide, a hacker has distributed some of the documents to a wide array of congressional...
NSA had cyber-attack authority since 1997
You wouldn't really know it from reading press accounts about cyber-warfare, but the National Security Agency has been the executive agent for precisely that capability since 1997, according to newly...
AhnLab Survey: 78% of IT Professionals Admit Picking Up and Plugging In...
SEOUL, SOUTH KOREA and SANTA CLARA, CA and LONDON--(Marketwire - Mar 19, 2013) - AhnLab, South Korea's largest IT security vendor, has revealed that 78 percent of IT security professionals have admitted...
Verizon Fios Router MI424WR-GEN3I - CSRF Vulnerability
# Exploit Title: Verizon Fios Router CSRF Admin Shell # Date: Discovered and reported January 2013 # Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators # Software: Verizon...