Feed aggregator

SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces

BugTraq Latest Security Advisories - October 15, 2014 - 9:28am

Posted by SEC Consult Vulnerability Lab on Oct 15

SEC Consult Vulnerability Lab Security Advisory < 20141015-0 >
=======================================================================
title: Potential Cross-Site Scripting
product: ADF Faces
vulnerable version: 12.1.2.0
fixed version: versions with CPU Oct-2014 patch applied
impact: low
homepage: http://www.oracle.com/adf
found: 2014-05-01
by: W....
Categories:

Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin

BugTraq Latest Security Advisories - October 15, 2014 - 9:18am

Posted by High-Tech Bridge Security Research on Oct 15

Advisory ID: HTB23237
Product: MaxButtons WordPress plugin
Vendor: Max Foundry
Vulnerable Version(s): 1.26.0 and probably prior
Tested Version: 1.26.0
Advisory Publication: September 24, 2014 [without technical details]
Vendor Notification: September 24, 2014
Vendor Patch: October 2, 2014
Public Disclosure: October 15, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-7181
Risk Level: Low
CVSSv2 Base Score: 2.6...
Categories:

Multiple Cross-Site Scripting (XSS) in WP Google Maps WordPress Plugin

BugTraq Latest Security Advisories - October 15, 2014 - 9:08am

Posted by High-Tech Bridge Security Research on Oct 15

Advisory ID: HTB23236
Product: WP Google Maps WordPress plugin
Vendor: WP Google Maps
Vulnerable Version(s): 6.0.26 and probably prior
Tested Version: 6.0.26
Advisory Publication: September 24, 2014 [without technical details]
Vendor Notification: September 24, 2014
Vendor Patch: September 29, 2014
Public Disclosure: October 15, 2014
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2014-7182
Risk Level: Low
CVSSv2 Base...
Categories:

Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

BugTraq Latest Security Advisories - October 15, 2014 - 8:57am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1129

PayPal Security UID: TM13a2uL

Release Date:
=============
2014-10-14

Vulnerability Laboratory ID (VL-ID):
====================================
1129

Common Vulnerability Scoring System:
====================================
4.1...
Categories:

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

BugTraq Latest Security Advisories - October 15, 2014 - 8:48am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1303

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
====================================
1303

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:...
Categories: