John Jason Fallows

Archive for the ‘Uncategorized’ category

Quote of the Day

February 20th, 2018

“I didn’t think; I experimented.” – Anthony Burgess

SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter. Published at: February 19, 2018 at 04:29PMView on website

SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter. Published at: February 19, 2018 at 04:29PMView on website

SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter. Published at: February 19, 2018 at 04:29PMView on website

DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. Published at: February 19, 2018 at 02:29PMView on website

GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors. Published at: February 19, 2018 at 02:29PMView on website

Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. Published at: February 19, 2018 at 02:29PMView on website

Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors. Published at: February 19, 2018 at 02:29PMView on website

Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors. Published at: February 19, 2018 at 02:29PMView on website

An issue was discovered in PHP through 7.2.2. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of […]

John Jason Fallows

More

Follow me on:

John - Power, beauty and soul.
February 2018
S M T W T F S
« Jan    
 123
45678910
11121314151617
18192021222324
25262728  

Who's Online

40 visitors online now
8 guests, 32 bots, 0 members

Good Reads

John Jason Fallow’s SoundCloud

John Jason Fallows

Proudly powered by WordPress. Theme developed with WordPress Theme Generator.
Copyright © John Jason Fallows. All rights reserved.