Security | Elar Lang

Archives for Security | Elar Lang

2019-09-07 CVE-2018-18809 Path traversal in Tibco JasperSoft

2019-01-25 Detect WRC+ AllLive video stream address

2018-04-24 CVE-2017-15715 - Apache HTTP Server - FilesMatch bypass with a trailing newline at the end of the file name

2018-02-11 CVE-2016-10007 and CVE-2016-10008 - 2 SQL injection vulnerabilities in dotCMS, blacklist defence bypass

2016-12-12 CVE-2016-1000271 SQL injection in Joomla extension DT Register

2016-11-15 Reflected XSS in cert.org

2016-10-31 Multiple SQL injection vulnerabilities in dotCMS (8x CVE Full Disclosure)

2016-10-17 CVE-2016-8600 dotCMS - CAPTCHA bypass by reusing valid code

2016-07-18 Reflected XSS in LinkedIn (in 2013)

2016-06-28 Request URI, Query String and URL encoding

2016-05-24 CVE-2016-4803 dotCMS - email header injection vulnerability (Full Disclosure)

2016-05-21 Today is 'The Other Tomorrow'

Elar Lang - pentester, lecturer, researcher

© 2019 Elar Lang