Multiple critical vulnerabilities were discovered in Symantec Data Center Security: Server Advanced (SDCS:SA) and Symantec Critical System Protection (SCSP). These vulnerabilities include CVE-2014-7289, CVE-2014-9224, CVE-2014-9225, and CVE-2014-9226. These vulnerabilities could allow an attacker to gain access to sensitive information, execute arbitrary code, and cause a denial of service. SCSP 5.2.9 MP6 and SDCS:SA 6.0 MP1 have been released to address these vulnerabilities, but not all of them have been fixed.
The content management system ferretCMS v.1.0.4, which is currently in the alpha development stage, suffers from multiple stored and reflected XSS vulnerabilities and SQL injection vulnerabilities in its administrative backend. Moreover, arbitrary files can be uploaded via the administrative backend, and these files can also be executed by unauthenticated users.
Some Android devices are affected by a denial-of-service attack when scanning for WiFi Direct devices. An attacker could send a specially crafted 802.11 Probe Response frame, causing the Dalvik subsystem to reboot because of an unhandled exception in the WiFiMonitor class.
ManageEngine EventLog Analyzer is vulnerable to directory traversal and XSS attacks. An attacker can exploit these vulnerabilities to gain access to sensitive files and execute malicious scripts in the user's browser.
XSF (Cross-Site Flashing) occurs when an SWF is permitted or able to load another file from another directory or site. The vulnerable SWF can be exploited simply by making it load an SWF, an image or any other file (for example, for phishing or cross-site scripting). The .buttonTextStyle variable is not well configured (it is not given an exact value), so ButtonTextStyle will accept any value. The vulnerable SWF will load any file.
Comodo Backup is vulnerable to a null pointer dereference privilege escalation vulnerability. This vulnerability can be exploited by a local attacker to gain elevated privileges on the system. The vulnerability exists due to a lack of proper validation of user-supplied input when handling certain IOCTLs. An attacker can exploit this vulnerability by sending a specially crafted IOCTL to the vulnerable driver. This can allow the attacker to gain elevated privileges on the system.
A user with limited privileges could gain access to certain functionality that is available only to administrative users. For example, users with Guest privileges can see the subjects of the tickets, stats and other information related to tickets.
A filter bypass vulnerability has been discovered in the official Barracuda Networks Cloud Series Appliance Applications 2014-Q1. The filter bypass issue allows an attacker to bypass the service's secure filter validation and execute malicious script code. The Barracuda filter blocks, for example, standard iframes, scripts and other invalid code context. The cloud service has its own exception handling to parse or encode maliciously injected web context. The mechanism filters the first request and sanitizes the output in every input field. During a pentest we injected a standard iframe to check and provoke the validation. The frame got blocked! In the next step the attacker splits (%20%20%20) the request and injects at the end an onload frame to an external malicious source. The second iframe with the onload alert executes the script code after the validation has encoded only the first script code tag. The sanitization of the input field does not filter the onload frame.
A remote SQL injection web vulnerability has been discovered in the official Mangallam Content Management System 2015-Q1. The SQL injection vulnerability allows an attacker to inject SQL commands to compromise the application and database management system. The vulnerability is located in the `newsid` value of the vulnerable `news_view.php` application file. Remote attackers are able to inject their own SQL commands by manipulating the vulnerable `newsid` value in the `news_view.php` file.
Both unauthenticated and authenticated users can enumerate users and domains on the system by sending a simple request to a URL.