Directory Traversal – Page 2 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Tue, 16 May 2017 05:32:18 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities types found in AContent version 1.3. AContent is an open source learning content management system (LCMS) used to create interoperable, accessible, adaptive Web-based learning content. It can be used along with learning management systems to develop, share, and archive learning materials. For those familiar with ATutor, … Continue reading SSD Advisory – AContent Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Cisco DPC3928 Router Arbitrary File Disclosure

May 10, 2017 admin Directory Traversal, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Wed, 10 May 2017 07:43:17 +0000

Vulnerability Summary The following advisory describes an arbitrary file disclosure vulnerability found in Cisco DPC3928AD DOCSIS 3.0 2-PORT Voice Gateway. The Cisco DPC3928AD DOCSIS is a home wireless router that is currently "Out of support" but is provided by ISPs world wide. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam … Continue reading SSD Advisory – Cisco DPC3928 Router Arbitrary File Disclosure

Independent Securiteam

SSD Advisory – Emby Media Server Multiple Vulnerabilities

April 25, 2017 admin Directory Traversal, File Disclosure, SecuriTeam Secure Disclosure, SQL Injection

Credit to Author: Maor Schwartz| Date: Tue, 25 Apr 2017 05:03:48 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Emby Media Server. Affected versions are: 3.1.5, 3.1.2, 3.1.1, 3.1.0 and 3.0.0. Emby Media Server (formerly Media Browser) is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client server model. … Continue reading SSD Advisory – Emby Media Server Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

March 19, 2017 admin Commentary, Directory Traversal, External Entity (XXE), Remote Code Execution

Credit to Author: Maor Schwartz| Date: Sun, 19 Mar 2017 08:05:05 +0000

Vulnerability Summary The following advisory describe Information Disclosure found in Oracle Knowledge Management version 8.5.1. By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge that was once hidden in the myriad systems, applications, and databases used to store enterprise content. … Continue reading SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE →