Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to filemanager\UploadHandler.php. The post() method in UploadHandler.php
f02ad987ed7f1dad396989d5468e155f2bca868059ecd59d3ac73240b22cd297This Metasploit module exploits a file upload vulnerability on Maarch LetterBox 2.8 due to a lack of session and file validation in the file_to_index.php script. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.
cd2b7f42e25ec82d510aeb7d6752ea48283d55ef832886d99f9df019f40f307eAll versions of WordPress fail to implement a cryptographically secure pseudorandom number generator.
170595a1bbe7e09d77645ac1e3ed66ad3b2cd04dd4cb157b616751c9edc794dfOpen-Xchange Server 6 / OX AppSuite suffers from an information exposure vulnerability in versions 7.6.1 and below.
8229982ea2c858877843bfc93dec828d259e06e7d9ea4893899722e0857cf8f5The Shakacon 2015 Call For Papers has been announced. It will take place July 6th through the 7th, 2015, in Honolulu, Hawaii.
3e1cc0d66c6521684612f80c381c39ff80e87cab0d911c92741baeb95ffb7955Mandriva Linux Security Advisory 2015-044 - Incorrect memory management in Gtk2::Gdk::Display::list_devices in perl-Gtk2 before 1.2495, where, the code was freeing memory that gtk+ still holds onto and might access later. The updated packages have been patched to correct this issue.
e73da39c4f4f83b3f336e55cc33673138264f90452afaeb86dafd1ea189a8695Debian Linux Security Advisory 3161-1 - Simon McVittie discovered a local denial of service flaw in dbus, an asynchronous inter-process communication system. On systems with systemd-style service activation, dbus-daemon does not prevent forged ActivationFailure messages from non-root processes. A malicious local user could use this flaw to trick dbus-daemon into thinking that systemd failed to activate a system service, resulting in an error reply back to the requester.
2aa70c387619edf5818fcdac52d8d84392b4ab17ce8511cb0c1f79f7b11e9cc6Mandriva Linux Security Advisory 2015-047 - Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils allows remote attackers to write to arbitrary files to the root directory via a / in a crafted archive, as demonstrated using the ar program.
72bdd7da941cefc3fb4d3fcab073210f54c6225dc876df7b77489666a6946e4fMandriva Linux Security Advisory 2015-048 - Multiple vulnerabilities has been discovered and corrected in Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions. Andres Freund, Peter Geoghegan and Noah Misch discovered that PostgreSQL incorrectly handled buffers in to_char functions. An authenticated attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PostgreSQL incorrectly handled memory in the pgcrypto extension. An authenticated attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. Emil Lenngren discovered that PostgreSQL incorrectly handled extended protocol message reading. An authenticated attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly inject query messages. This advisory provides the latest version of PostgreSQL that is not vulnerable to these issues.
634d97dbd89e3a11f0f04718cbf5534aac49ac2bfae32de2e27000b2b448d65eMandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.
1738bc161859133a34d1c1b3f945bb293d62965b7ce6af9e1ab54e8936be9dd5Mandriva Linux Security Advisory 2015-045 - The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability.
afbd08dd885b278be82cc4c96d75245e87201d6fbcf427b723ce8ce64f54f3c9Exponent CMS version 2.3.1 suffers from multiple cross site scripting vulnerabilities.
d7c212b63775bde5c49ae7979f6feda188aeede831184a2ef05a72bfb78c0ad3WordPress Survey and Poll plugin version 1.1.7 suffers from a remote blind SQL injection vulnerability.
bffe875e9602d8364594172c18a3c2b30db880051341861fc5e0ec7390f54b65WordPress Video Gallery plugin version 2.7 suffers from a remote SQL injection vulnerability.
f1c1b63158e55fcb88ffb9e2a48a95cd38c6187d753ae7798f61c163dd8da92cSEANux version 1.0 remote command execution exploit that executes as www-data.
c69564190cc4edb5f8372673b0b013f53a6e1591b4c20d0e40bb202e5c650f7cWordPress Ninja Forms plugin version 2.8.8 suffers from a cross site scripting vulnerability.
d9cdb4289101f87321d12ef9895293720a72dd17e96f746e1a95667c4dc179cbUbuntu Security Notice 2499-1 - Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions. Andres Freund, Peter Geoghegan and Noah Misch discovered that PostgreSQL incorrectly handled buffers in to_char functions. An authenticated attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
ece0ed1fa664c2cfc993dd729652d029bc60850f5ddde36ddea4ba499be6ec0dRed Hat Security Advisory 2015-0158-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual servers running Red Hat Enterprise Linux and Microsoft Windows. This package also includes the Red Hat Enterprise Virtualization Manager API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a User Portal, and a Representational State Transfer Application Programming Interface .
d9bb9ff72c6bd97b60e38ccf8918a120f640422e9b3d209587866a2130fb7674Debian Linux Security Advisory 3160-1 - Olivier Fourdan discovered that missing input validation in the Xserver's handling of XkbSetGeometry requests may result in an information leak or denial of service.
a8c6a3b27aaa3ff3ec4661dad807a413a2b37a89aa34950221b7a1e87856681fCisco Security Advisory - Cisco Secure Access Control System (ACS) prior to version 5.5 patch 7 is vulnerable to a SQL injection attack in the ACS View reporting interface pages. A successful attack could allow an authenticated, remote attacker to access and modify information such as RADIUS accounting records stored in one of the ACS View databases or to access information in the underlying file system. Cisco has released free software updates that address this vulnerability.
0316ff4c6325490cd4330984306d52e82eba029c3763085c673dc708d5d17e38Red Hat Security Advisory 2015-0215-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity attacks.
57ab1fc8b9507ca56ece907b266ce7c9eb4bd0abbef003b66b314ffee42dde44Red Hat Security Advisory 2015-0218-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity attacks.
f9ad7ddcc0da56c409f88863816e066c6de7d686ea4c7eef207b9df7eb41214aRed Hat Security Advisory 2015-0217-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity attacks.
6e4bb84632dec0165b206c20f5fb253e5a62ac2ecc1df2e42f35cae661646453Red Hat Security Advisory 2015-0216-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity attacks.
6fdb35979e83d4bc7783909319fa6956e41ee874378bc2a23ef3be879dee9fb7Red Hat Security Advisory 2015-0197-01 - Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execute arbitrary code.
c5f4f033803d9e22a30145022cb9ac7c8e6388b88c24dd2ce47e5a58c8bb1a76
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed