Easy WP SMTP <= 1.3.9 – Unauthenticated Arbitrary wp_options Import
More info:
https://wpvulndb.com/vulnerabilities/9237
WP Support Plus Responsive Ticket System <= 9.1.1 – Stored XSS
https://wpvulndb.com/vulnerabilities/9235
More info:
https://wpvulndb.com/vulnerabilities/9235
Better Search 2.2.2 – Unauthenticated SQL Injection
More info:
https://wpvulndb.com/vulnerabilities/9236
DSA-4409 neutron – security update
Erik Olof Gunnar Andersson discovered that incorrect validation of portsettings in the iptables security group driver of Neutron, the OpenStackvirtual network service, could result in denial of service in a multitenant setup.
More info:
https://www.debian.org/security/2019/dsa-4409
WP Support Plus Responsive Ticket System <= 9.1.1 – Stored XSS
More info:
https://wpvulndb.com/vulnerabilities/9235
Better Search 2.2.2 – Unauthenticated SQL Injection
https://wpvulndb.com/vulnerabilities/9236
More info:
https://wpvulndb.com/vulnerabilities/9236
Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2019-004
Project: Drupal coreDate: 2019-March-20Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site ScriptingDescription: Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.Solution: If you are using Drupal 8.6, update to Drupal 8.6.13.If you are using Drupal 8.5 or earlier, update to Drupal 8.5.14.If you are using Drupal 7,
More info:
https://www.drupal.org/sa-core-2019-004
More on Dnsden[.]biz Swipers and Radix Obfuscation
http://feedproxy.google.com/~r/sucuri/blog/~3/p35239WlB2o/more-on-dnsden-biz-swipers-and-radix-obfuscation.html After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3 #EKFiddle [Regex update]: Added Radix Web Skimmer identified by @unmaskparasites (https://t.co/3YJM9YeyAw).Additional domain seen in campaigns: checkip[.]bizhttps://t.co/U67qZosp1e pic.twitter.com/ZWwGZG6zyN — EKFiddle
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/p35239WlB2o/more-on-dnsden-biz-swipers-and-radix-obfuscation.html
More on Dnsden[.]biz Swipers and Radix Obfuscation
http://feedproxy.google.com/~r/sucuri/blog/~3/p35239WlB2o/more-on-dnsden-biz-swipers-and-radix-obfuscation.html After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3 #EKFiddle [Regex update]: Added Radix Web Skimmer identified by @unmaskparasites (https://t.co/3YJM9YeyAw).Additional domain seen in campaigns: checkip[.]bizhttps://t.co/U67qZosp1e pic.twitter.com/ZWwGZG6zyN — EKFiddle
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/p35239WlB2o/more-on-dnsden-biz-swipers-and-radix-obfuscation.html