Next Last 1. 2014-12-31 [1] [FD] [KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Comman full-disclos Egidio Romano 2. 2014-12-31 [1] [FD] [KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code full-disclos Egidio Romano 3. 2014-12-31 [1] [FD] [KIS-2014-17] GetSimple CMS <= 3.3.4 (api.php) XML External Entity full-disclos Egidio Romano 4. 2014-12-31 [1] [FD] [KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Uplo full-disclos Egidio Romano 5. 2014-12-31 [1] [FD] [KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vuln full-disclos Egidio Romano 6. 2014-12-31 [1] [FD] [KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection full-disclos Egidio Romano 7. 2014-12-31 [1] [FD] Windows 8 Privilege Escalation full-disclos Allen 8. 2014-12-31 [1] [FD] [The ManageOwnage Series, part X]: 0-day administrator account crea full-disclos Pedro Ribeiro 9. 2014-12-30 [4] [FD] Defense in depth -- the Microsoft way (part 23): two quotes or not full-disclos Stefan Kanthak 10. 2014-12-30 [1] [FD] Multiple SQL Injections and Reflecting XSS in Absolut Engine v. 1.7 full-disclos Steffen_Rösemann 11. 2014-12-29 [1] [FD] Reminder and Extension CanSecWest CFP deadline tomorrow, December 3 full-disclos Dragos Ruiu 12. 2014-12-29 [1] [FD] nullcon HackIM Challenge 9-11 Jan 2015 full-disclos nullcon 13. 2014-12-29 [1] [FD] CNN cnn.com Travel XSS and ADS Open Redirect Security Vulnerabiliti full-disclos Jing Wang 14. 2014-12-29 [1] [FD] CVE-2014-7294 Ex Libris Patron Directory Services (PDS) Open Redire full-disclos Jing Wang 15. 2014-12-29 [1] [FD] CVE-2014-7293 Ex Libris Patron Directory Services (PDS) XSS (Cross- full-disclos Jing Wang 16. 2014-12-28 [1] [FD] XSS and CSRF vulnerabilities in CMS Pylot full-disclos MustLive 17. 2014-12-27 [1] [FD] CSRF vulnerability in CMS e107 v.2 alpha2 full-disclos Steffen_Rösemann 18. 2014-12-27 [1] [FD] /usr/bin/a2p buffer overflow full-disclos up201407890 19. 2014-12-27 [1] [FD] Wordpress Frontend Uploader Cross Site Scripting(XSS) full-disclos SECUPENT Research Cen 20. 2014-12-25 [3] [FD] Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability full-disclos Vulnerability Lab 21. 2014-12-25 [1] [FD] Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities full-disclos Vulnerability Lab 22. 2014-12-25 [1] [FD] PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability full-disclos Vulnerability Lab 23. 2014-12-25 [1] [FD] Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability full-disclos Vulnerability Lab 24. 2014-12-25 [1] [FD] ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability full-disclos Vulnerability Lab 25. 2014-12-25 [1] [FD] Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerab full-disclos Vulnerability Lab 26. 2014-12-25 [1] [FD] Facebook Bug Bounty #17 - Migrate Privacy Vulnerability full-disclos Vulnerability Lab 27. 2014-12-23 [1] [FD] Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 full-disclos Steffen_Rösemann 28. 2014-12-23 [7] [FD] The Misfortune Cookie Vulnerability full-disclos Jon Hart 29. 2014-12-23 [1] [FD] CALL FOR PAPERS - NUIT DU HACK - 20/21 JUNE 2015 full-disclos freeman 30. 2014-12-23 [1] [FD] Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1 full-disclos Steffen_Rösemann Next Last