Kailash

Vision HelpDesk vulnerabilities

Product Description: Vision Helpdesk is the only web based Help Desk Software that allows to manage support for multiple companies at one place with single staff portal for all companies and each company having its own client portal. Recently following vulnerabilities were discovered in Vision Helpdesk: Various Modules Local File Inclusions There are various modules …

Vision HelpDesk vulnerabilities Read More »

PowerDNS security vulnerability

PowerDNS had released an update to address  security vulnerability and it is recommended that you update as soon as possible. Following are the detailed information on this security vulnerability and the versions which were affected by this PowerDNS security vulnerability: CVE: CVE-2015-1868 Date: 23rd of April 2015 Affects: PowerDNS Recursor versions 3.5 and up; Authoritative …

PowerDNS security vulnerability Read More »

WHMCS v5.3.13 released

WHMCS has released WHMCS v5.3.13. This is a maintenance release for WHMCS v5.3.x branch. This release contains an update to the GlobalSign SSL certificate options. On March 30th, 2015, GlobalSign removed the ability to register certificates for 4 and 5 years. For more information, you refer GlobalSign blog post. Following is the changelog: Maintenance CORE-6719 …

WHMCS v5.3.13 released Read More »

Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2

A critical, unpatched 0-day vulnerability affecting WordPress comment mechanisms. This vulnerability is now disclosed publicly. Who is affected? If your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts …

Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2 Read More »

Automatic upgrade to WordPress 4.1.3

WordPress has released WordPress 4.2 yesterday but some of your WordPress installation should be upgraded to WordPress 4.1.3 today. This was a maintenance release for the recent security update WordPress 4.1.2. WordPress 4.1.3 has fixed the following database related issue: Fix database writes for esoteric character sets, broken in the WordPress 4.1.2 security release. Neither …

Automatic upgrade to WordPress 4.1.3 Read More »

WordPress 4.1.2 Security Release

WordPress team has released a critical security update for all previous versions and it is strongly encourage that you update your WordPress version to WordPress 4.1.2. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. They have also fixed three other security …

WordPress 4.1.2 Security Release Read More »

Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

Last week, Microsoft had released an important security update. This security update resolves a vulnerability in Microsoft Windows. HTTP.sys Vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. This security update is rated Critical for all supported editions of Windows 7, Windows 8, Windows 8.1, …

Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) Read More »

Drupal Patches Flaw That Allowed Hackers to Forge Password Reset URLs

A popular content management system, Drupal has released an update addressing two moderately critical vulnerabilities with the versions 6.35 and 7.35. Apart from Joomla and WordPress, Drupal is also widely used content management system. Both vulnerabilities are present in all versions prior to 6.35 (for Drupal core 6.x) and prior to 7.35 (for Drupal core …

Drupal Patches Flaw That Allowed Hackers to Forge Password Reset URLs Read More »

OpenSSL Security Updates – March 19, 2015

An update for OpenSSL was just released to address various security vulnerabilities (low to moderate risk) and it is recommended that you update as soon as possible. In January 2015, OpenSSL had released a security update.After January 2015, they released another security update for all supported OpenSSL versions. For more detail on OpenSSL security advisory, …

OpenSSL Security Updates – March 19, 2015 Read More »