All Hot News Popular Media
Web File, PacketStorm Security

Fri, 19 Jan 2018 09:32:32 GMT
CentOS Web Panel 0.9.8.12 Cross Site Scripting
CentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities.

Thu, 18 Jan 2018 20:40:47 GMT
CentOS Web Panel 0.9.8.12 Cross Site Scripting
CentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities.

Fri, 12 Jan 2018 01:15:52 GMT
Debian Security Advisory 4090-1
Debian Linux Security Advisory 4090-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Side Scripting (XSS) and Server-Side Request Forgery (SSRF) attacks, as well as bypass some access restrictions.

Thu, 11 Jan 2018 03:48:09 GMT
Ubuntu Security Notice USN-3530-1
Ubuntu Security Notice 3530-1 - It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions.

Thu, 11 Jan 2018 03:46:23 GMT
Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload
This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

Thu, 11 Jan 2018 03:40:02 GMT
phpCollab 2.5.1 Unauthenticated File Upload
This Metasploit module exploits a file upload vulnerability in phpCollab version 2.5.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The exploit has been tested on Ubuntu 16.04.3 64-bit

Thu, 11 Jan 2018 02:40:03 GMT
Red Hat Security Advisory 2018-0081-01
Red Hat Security Advisory 2018-0081-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 28.0.0.137. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletins listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to disclose sensitive information or modify its settings when the victim loaded a page containing the malicious SWF content.

Mon, 08 Jan 2018 12:22:00 GMT
Sangoma NetBorder / Vega Session Controller Remote Command Execution
Sangoma NetBorder / Vega Session Controller versions prior to 2.3.12-80-GA allows remote unauthenticated attackers to execute arbitrary commands via the web interface.

Sat, 06 Jan 2018 18:08:16 GMT
Red Hat Security Advisory 2018-0061-01
Red Hat Security Advisory 2018-0061-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.2. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

Sat, 06 Jan 2018 18:00:39 GMT
SonicWall SonicOS NSA Web Firewall Cross Site Scripting
SonicWall SonicOS NSA Web Firewall is susceptible to cross site scripting attacks due to a filter bypass vulnerability.

Thu, 04 Jan 2018 01:01:48 GMT
Ubuntu Security Notice USN-3516-1
Ubuntu Security Notice 3516-1 - It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions.

Thu, 04 Jan 2018 00:52:39 GMT
Linksys WVBR0-25 User-Agent Command Execution
The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.

Wed, 03 Jan 2018 17:26:27 GMT
Ubuntu Security Notice USN-3514-1
Ubuntu Security Notice 3514-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Wed, 03 Jan 2018 17:00:06 GMT
Wapiti Web Application Vulnerability Scanner 3.0.0
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Sun, 31 Dec 2017 15:36:15 GMT
Red Hat Security Advisory 2018-0005-01
Red Hat Security Advisory 2018-0005-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.

Thu, 28 Dec 2017 04:44:00 GMT
Easy Web Grabber 1.0.0 Cross Site Scripting
Easy Web Grabber version 1.0.0 suffers from a persistent cross site scripting vulnerability.

Wed, 27 Dec 2017 05:55:55 GMT
ALLMediaServer 0.95 Buffer Overflow
This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.95. The vulnerability is caused due to a boundary error within the handling of HTTP request.

Wed, 27 Dec 2017 05:02:22 GMT
Telesquare SKT LTE Router SDT-CS3B1 CSRF / Command Execution
The Telesquare SKT LTE SDT-CS3B1 router suffers from authenticated arbitrary system command execution. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

Wed, 27 Dec 2017 05:02:22 GMT
PHP Web Stat 4.5.03 Backdoor Account
PHP Web Stat version 4.5.03 has a backdoor admin account with a password of admin.

Wed, 27 Dec 2017 04:02:22 GMT
PHP Web Stat 4.5.03 Cross Site Scripting
PHP Web Stat version 4.5.03 suffers from a cross site scripting vulnerability.

Wed, 27 Dec 2017 02:22:22 GMT
PHP Web Stat 4.5.03 Database Disclosure
PHP Web Stat version 4.5.03 suffers from a database backup disclosure vulnerability.

Mon, 18 Dec 2017 20:22:22 GMT
PHP Web Stat 4.x.x Information Disclosure
PHP Web Stats versions 4.x.x suffers from an information disclosure vulnerability.

Mon, 18 Dec 2017 14:19:00 GMT
GoAhead LD_PRELOAD Remote Code Execution
GoAhead http versions 2.5 through 3.6.5 LD_PRELOAD remote code execution exploit.

Mon, 18 Dec 2017 14:14:00 GMT
Red Hat Security Advisory 2017-3484-01
Red Hat Security Advisory 2017-3484-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. CloudForms Management Engine Appliance. CloudForms Management Engine Gemset. Multiple security issues have been addressed.


Red Hat Security Advisory 2017-3479-01
Red Hat Security Advisory 2017-3479-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.108. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
view page: 132

Men's Sale Section! Save up to 50% on Underwears, T-shirts and more at Freshpair.com! Free Shipping on all US orders.

Start: 09 Aug 2017 | End: 01 May 2018

Save 10% when you order four or more jams, jellies or marmalades!

Start: 28 Apr 2017 | End: 28 Apr 2018

The Launch of Mr P. A new brand designed and created by MR PORTER.

Start: 07 Nov 2017 | End: 07 Nov 2018

Search All Amazon* UK* DE* FR* JP* CA* CN* IT* ES* IN* BR* MX
Booking.com B.V. is based in Amsterdam in the Netherlands. Ready for some statistics? Our 1,534,024 properties, including 860,482 holiday rentals, are located in 123,105 destinations in 229 countries and territories, and are supported internationally by 198 offices in 70 countries.
2013 Copyright © Techhap.com Mobile version 2015 | PeterLife & company
Terms of use Link at is mandatory if site materials are using fully or particulary.
Were treated to the site administrator, a cup of coffee *https://paypal.me/peterlife
Yandex.ru