Seagate Media Server on a Seagate Personal Cloud model SRN21C running firmware version 4.3.16.0 suffers from an unauthenticated arbitrary file and folder deletion vulnerability.
D-Link DNS-343 ShareCenter versions 1.05 and below suffer from a remote command injection vulnerability.
D-Link DNS-325 ShareCenter versions 1.05B03 and below suffer from remote shell upload and command injection vulnerabilities.
RedTeam Pentesting discovered that the shibd service of Shibboleth 2 does not extract SAML attribute values in a robust manner. By inserting XML entities into a SAML response, attackers may truncate attribute values without breaking the document’s signature. This might lead to a complete bypass of authorisation mechanisms. Versions prior to 2.6.1 are affected.
http://www.nonsanga.go.th/web1/file_editor/SeRaVo.txt notified by SeRaVo BlackHaT
Tags: defacementhttp://kalasin.nfe.go.th//file_editor/0day.txt notified by Danger BoY
Tags: defacementThe vulnerability labortory core research team discovered a insecure authentication issue in the official …
The vulnerability laboratory core research team discovered a remote sql-injection vulnerability in the official Zenario …
The vulnerability laboratory core research team discovered a local privilege escalation vulnerability in the Oracle Agil…