Tags archives: unix

 

0

srm – secure file deletion for posix systems

srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it’s unlikely that it can completely prevent that type [...]

 

0

WordPress ADPlugg 1.1.33 Cross Site Scripting

===================================================== Stored XSS Vulnerability in ADPlugg Wordpress Plugin =====================================================   . contents:: Table Of Content   Overview ========   * Title :Stored XSS Vulnerability in ADPlugg Wordpress Plugin * Author: Kaustubh G. Padwad * Plugin Homepage: https://wordpress.org/plugins/adplugg/ * Severity: Medium * Version Affected: 1.1.33 and mostly prior to it * Version Tested : 1.1.33 * [...]

 

0

WordPress WooCommerce 2.2.10 Cross Site Scripting

==================================================== Product: WooCommerce WordPress plugin Vendor: WooThemes Tested Version: 2.2.10 Vulnerability Type: Cross-Site Scripting [CWE-79] Risk Level: Medium CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) Solution Status: Solved in version 2.2.11 Discovered and Provided: Eric Flokstra – ITsec Security Services ==================================================== [-] About the Vendor:   WooCommerce is a popular open source WordPress e-commerce plugin with around [...]

 

0

Advanced Policy Firewall

Current Release: http://www.rfxn.com/downloads/apf-current.tar.gz http://www.rfxn.com/appdocs/README.apf http://www.rfxn.com/appdocs/CHANGELOG.apf Description: Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, [...]

 

0

Juli Man-In-The-Middle Script

#!usr/bin/perl use Term::ANSIColor; ############################################################################ print “**************************************************************n”; # print “+ -== JULI ==- +n”; # print “+ -== Man-in-the-middle Attack Script ==- +n”; # print “+ -== By em616 , em(at)em616.com , http://blog.em616.com ==- +n”; # print “**************************************************************n”; # ############################################################################   # Cleaning stuff system “killall -9 sslstrip arpspoof:”; system “echo ’0′ > /proc/sys/net/ipv4/ip_forward”; system “iptables [...]

 

0

WordPress Google Doc Embedder 2.5.18 Cross Site Scripting

Title: WordPress ‘Google Doc Embedder’ plugin – XSS Version: 2.5.18 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/google-document-embedder/ Contacted WordPress: 2015/01/26 ==========================================================   ## Description: ========================================================== Lets you embed PDF, MS Office, and many other file types in a web page using the free Google Docs Viewer (no Flash or PDF browser [...]

 

0

WordPress Spider Facebook 1.0.10 Cross Site Scripting

Title: WordPress ‘WordPress Facebook’ plugin – XSS Version: 1.0.10 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/spider-facebook/ Contacted WordPress: 2015/01/26 ==========================================================   ## Description: ========================================================== Spider Facebook is a WordPress integration tool for Facebook.It includes all the available Facebook social plugins and widgets to be added to your web   ## XSS: [...]

 

0

WordPress Redirection Page 1.2 CSRF / XSS

Title: WordPress ‘Redirection Page’ CSRF/XSS Version: 1.2 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015-01-26 Download: https://wordpress.org/plugins/redirection-page/ Contacted WordPress: 2015-01-26 ==========================================================   ## Plugin description: ========================================================== Redirect your specified pages, it is usefull when you have 404/not-found pages. Go to Settings Page to start redirection.   ## CSRF: ========================================================== It is possible to change [...]

 

0

WordPress Cross Slide 2.0.5 Cross Site Request Forgery / Cross Site Scripting

Title: WordPress ‘Cross Slide’ plugin – XSS/CSRF Version: 2.0.5 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/crossslide-jquery-plugin-for-wordpress/ Contacted WordPress: 2015/01/26 ==========================================================   ## Plugin description: ========================================================== The CrossSlide jQuery plugin for WordPress is designed to quickly add the JS and CSS requirements to operate the jQuery slideshow.   ## CSRF: ========================================================== It [...]

 

0

WordPress Mobile Domain 1.5.2 Cross Site Request Forgery / Cross Site Scripting

Title: WordPress ‘Mobile Domain’ CSRF/XSS Version: 1.5.2 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/mobile-domain/ Contacted WordPress: 2015/01/26 ==========================================================   ## Description: ========================================================== Redirect WordPress blog from desktop domain to mobile subdomain and create Mobile XML Sitemap.   ## CSRF: ========================================================== It is possible to change the plugins admin settings by tricking [...]