Tag: My Vulnerabilities

  • Disclosure: e-MDs, Inc. Solution Series 7.2.1.634 Screen Lock Failure Information Disclosure

    e-MDs, Inc. Solution Series integrated electronic health record and practice management software version 7.2.1.634 contains a flaw in the screen lock functionality. When a user locks the screen, under some circumstances, the screen will display the login box but fail to obscure any of the information displayed otherwise. As I discovered on March 21, 2014 […]

  • Disclosure: Samsung Galaxy Phones Factory Reset Persistent Local Information Disclosure

    A couple years back, I handed my Samsung Galaxy S1 down to a friend. When she got it she browsed the file system out of curiosity and noticed that it had retained private information; both from applications, as well as content I generated (e.g. pictures). While she promised to do a write-up of all the […]

  • Disclosure: Mr Number for Android Screenlock Bypass Concern

    Mr. Number is an android app that allows you to do a variety of blocking for incoming communication. I’ve been using it for several months now and am quite happy. Crowd-sourced spam detection lets you know a new number is spam usually. When a call comes in that is suspected spam, a pop-up appears with […]

  • Disclosure: Oempro Multiple Vulnerabilities

    [This was originally published on OSVDB, now gone. VulnDB IDs 50321, 50322, 50323, 50324] Release Date: 2008-12-01Application: Octeth Technologies, Oempro 3.5.5.1Cross Ref: CVE-2008-3057, CVE-2008-3058, CVE-2008-3059OSVDB: 50321 .. 50324Reference: http://osvdb.org/ref/50/oempro.txt Description: “What is Oempro? Newsletters, product release announcement emails, e-cards, happy birthday emails, email reminders, auto responders, simply all kind of emails can easily be generated […]

  • Disclosure: Multiple Software Remote File Inclusion

    [This was originally disclosed on the VIM mail list. VulnDB IDs 90794, 90795, 90796. This was the result of watching Apache logs on attrition.org and observing a wide variety of RFI attacks. I started comparing some of the scripts being attempted with OSVDB and noticed some were not found. That means these were essentially 0days […]

  • Disclosure: IntraLearn 2.1 Multiple Vulnerabilities

    http://www.intralearn.com/ 1) Cross-site Scripting (XSS) URL Variables/library/description_link.cfm outline, course/library/courses_catalog.cfm records_to_display, the_start 2) Login Information Cached In Memory The login POST requests for the IntraLearn returns a 200 OK HTTP response code. As long as the browser window is not closed, it is possible for someone to use the browsers “Back” button until the page after […]

  • Disclosure: Apache Axis Nonexistent Java Web Service Remote Path Disclosure

    [This was originally disclosed on the VIM mail list. VulnDB ID 34154] Watchfire’s Appscan product looks for this vulnerability (not sure what they officially title it, the title above is my own), but I can’t find any reference to it. Google finds a lot of indirect references suggesting it is common knowledge to the folks […]

  • Disclosure: Annuaire (Directory) Multiple Vulnerabilities

    [This was originally published on OSVDB, now gone. VulnDB IDs 24302, 24303] Comment left on feedback page:http://www.brunox.org/modules.php?op=modload&name=FeedBack&file=index While testing your demo of Annuaire (Directory), I noticed a few security vulnerabilities: Many pages are calling /include/lang-en.php which is showing the full installation path. Additionally, directly requesting this script will reveal the full path. inscription.php The comment […]

  • Disclosure: ARIA (Accounting Receiving and Inventory Administration) genmessage.php Message Field XSS

    [This was originally published on OSVDB, now gone. VulnDB ID 24255] From: security curmudgeonTo: jflechtner[at]users.sourceforge.netDate: Tue, 28 Mar 2006 11:25:02 -0500 (EST)Subject: ARIA security issue Hey Josh, Not sure if you are still maintaining this project, but while playing with the demo I noticed a small security issue. The genmessage.php script doesn’t sanitize user input […]

  • Disclosure: @1 Event Publisher / @1 Table Publisher Multiple Vulnerabilities

    [This was originally published on OSVDB, now gone. VulnDB 24235, 24236, 24237, 24238] Ticket has been submitted. The ticket number is SCR00994. While looking at some of your scripts, I noticed there are a few security issues: UPOINT @1 Event Publishereventpublisher_admin.htm does not validate input to the Event, Description, Time, Website, and Public Remarks fields. […]