月度存档: 10月 2013

IBM WebSphere DataPower XC10 Administrative Access及Web Logoff漏洞

Drupal Quick Tabs 6.x / 7.x Access Bypass

Apache / PHP 5.x Remote Code Execution Exploit

McAfee Firewall Enterprise多个安全漏洞

cPanel /usr/local/cpanel/base/3rdparty/Logaholic目录权限特权提升漏洞

cPanel Webmail/Demo账户权限绕过任意文件删除漏洞

cPanel特制SSL证书上传远程拒绝服务漏洞

cPanel多个组件特制POST请求任意文件操作漏洞

Avira Internet Security avipbb.sys Filter Bypass and Privilege Escalation

cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS

vBulletin install/upgrade.php任意管理账户创建漏洞

phpb2b SQL注入漏洞

phpb2b本地文件包含漏洞

WordPress dhtmlxspreadsheet Plugin ‘page’参数跨站脚本漏洞

Red Hat JBoss Operations Network ‘storeFiles()’不安全临时目录创建漏洞

Mozilla Firefox Cookie校验远程拒绝服务漏洞

GNU C Library gethosts域转换结果处理栈溢出拒绝服务漏洞

DELL Quest One Password Manager CAPTCHA安全绕过漏洞

Apache Shindig CVE-2013-4295 XML外部实体信息泄漏漏洞

Joomla! Maian15 Component ‘name’参数任意shell上传漏洞

Netgear WNDR3700 Router多个验证绕过漏洞

PHPCMS Guestbook多个HTML注入漏洞

Apple Safari 6.1修复多个安全漏洞

Linux Kernel UDP_CORK和UFO内存破坏漏洞

WordPress Payment Gateways Caller插件本地文件包含漏洞

WordPress DailyDeal theme文件上传漏洞

WordPress Blue Wrench Video Widget插件跨站请求伪造漏洞

WordPress AREA53 Theme ‘php.php’任意文件上传漏洞