Geek-Guy

Vulnerability Disclosures

CentOS Web Panel v0.9.8.12 - Non-Persistent Cross Site Scripting Vulnerabilities

Posted by Vulnerability Lab on Jan 19Document Title:
===============
CentOS Web Panel v0.9.8.12 – Non-Persistent Cross Site Scripting Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1835

Release Date:
=============
2018-01-17

Vulnerability Laboratory ID (VL-ID):
====================================
1835

Common Vulnerability Scoring System:
====================================
3.3

Vulnerability Class:… …read more

Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities

Posted by Vulnerability Lab on Jan 19Document Title:
===============
Shopware 5.2.5 & v5.3 – Multiple Cross Site Scripting Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1922

Shopware Security Tracking ID: SW-19834

Security Update:
http://community.shopware.com/Downloads_cat_448.html#5.3.4
http://community.shopware.com/_detail_2035.html

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15374

CVE-ID:… …read more

CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities

Posted by Vulnerability Lab on Jan 19Document Title:
===============
CentOS Web Panel v0.9.8.12 – Multiple Persistent Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1836

Release Date:
=============
2018-01-19

Vulnerability Laboratory ID (VL-ID):
====================================
1836

Common Vulnerability Scoring System:
====================================
4.4

Vulnerability Class:
====================
Cross… …read more

Photo Vault v1.2 iOS - Insecure Authentication Vulnerability

Posted by Vulnerability Lab on Jan 19Document Title:
===============
Photo Vault v1.2 iOS – Insecure Authentication Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2110

Release Date:
=============
2018-01-16

Vulnerability Laboratory ID (VL-ID):
====================================
2110

Common Vulnerability Scoring System:
====================================
4.8

Vulnerability Class:
====================
Insecure… …read more

CVE-2017-12130

An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to a server crash …read more