ATENTIONβΌ New - CVE-2015-9470
π Read
via "National Vulnerability Database".
The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9469
π Read
via "National Vulnerability Database".
The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9468
π Read
via "National Vulnerability Database".
The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9467
π Read
via "National Vulnerability Database".
The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9466
π Read
via "National Vulnerability Database".
The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9465
π Read
via "National Vulnerability Database".
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9464
π Read
via "National Vulnerability Database".
The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9463
π Read
via "National Vulnerability Database".
The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9462
π Read
via "National Vulnerability Database".
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9461
π Read
via "National Vulnerability Database".
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9460
π Read
via "National Vulnerability Database".
The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9459
π Read
via "National Vulnerability Database".
The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9459
π Read
via "National Vulnerability Database".
The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9458
π Read
via "National Vulnerability Database".
The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9457
π Read
via "National Vulnerability Database".
The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.π Read
via "National Vulnerability Database".
π΄ Works of Art: Cybersecurity Inspires 6 Winning Ideas π΄
π Read
via "Dark Reading: ".
The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with security themes and elements. Check 'em out.π Read
via "Dark Reading: ".
Dark Reading
Works of Art: Cybersecurity Inspires 6 Winning Ideas - Dark Reading
The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with security themes and elements. Check 'em out.
π΄ Akamai Snaps Up ChameleonX to Tackle Magecart π΄
π Read
via "Dark Reading: ".
The Israel-based ChameleonX aims to protect websites from cyberattacks targeting payment data.π Read
via "Dark Reading: ".
Dark Reading
Akamai Snaps Up ChameleonX to Tackle Magecart
The Israel-based ChameleonX aims to protect websites from cyberattacks targeting payment data.
β Cryptomining Crook Steals Game Developerβs Identity to Carry Out Dirty Work β
π Read
via "Threatpost".
An alleged fraudster built a vast web of AWS cloud accounts, becoming the platform's biggest consumer of data resources.π Read
via "Threatpost".
Threat Post
Cryptomining Crook Steals Game Developerβs Identity to Carry Out Dirty Work
An alleged fraudster built a vast web of AWS cloud accounts, becoming the platform's biggest consumer of data resources.
β vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach β
π Read
via "Threatpost".
A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum -- data that researchers say could be used for blackmail.π Read
via "Threatpost".
Threat Post
vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum β data that researchers say could be used for blackmail.
π΄ Imperva Details Response to Customer Database Exposure π΄
π Read
via "Dark Reading: ".
The cloud security's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.π Read
via "Dark Reading: ".
Darkreading
Imperva Details Response to Customer Database Exposure
The cloud security's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.
π΄ AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security π΄
π Read
via "Dark Reading: ".
π Read
via "Dark Reading: ".
Dark Reading
AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security
Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.