WP eCommerce WordPress Plugin Security update

WP eCommerce is a WordPress plugin used by eCommerce websites to sell products online. A medium-severity vulnerability was discovered in the WordPress WP eCommerce plugin. The vulnerability has been patched, and if you are using the plugin we encourage you to update at your earliest convenience. The security issue was patched in version […]

Idera Server Backup Manager (R1Soft) – Session Fixation Vulnerability

Idera Server Backup Manager is an affordable, high-performance, disk-to-disk backup software for Linux and Windows servers. (This software was previously more commonly known as R1Soft Backup.) Vulnerability Description: It is possible for a malicious user to clone an authenticated user / admin session which could result in unauthorized access. Impact: The vulnerability was rated as […]

EasyApache 3.26.9 Released

EasyApache 3.26.9 was released with PHP versions 5.4.34 and 5.5.18 and libxml2 version 2.9.2. This release addresses vulnerabilities related to CVE-2014-3669, CVE-2014-3670, CVE-2014-3668, CVE-2014-3660, and CVE-2014-0191 by fixing bugs in the Core, Exif, and XMLRPC modules and in libxml2. It is strongly recommended that all PHP 5.4 users upgrade to PHP version 5.4.34 and all […]

Bash security update for CloudLinux

A critical vulnerability existed in all Bash packages shipped with Red Hat. This affects all servers using RHEL 4, RHEL 5, RHEL 6 and RHEL 7. CentOS and CloudLinux servers were also affected by this. CloudLinux has released an update for the Bash package to address this. The update that fixes the bash remote vulnerability […]

Bash Code Injection Vulnerability – Bash Security Update

Red Hat has been made aware of a vulnerability affecting all versions of the bash package as shipped with Red Hat products. This vulnerability, CVE-2014-6271, could allow for arbitrary code execution. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. A flaw was found in the […]

cPanel TSR-2014-0007 Full Disclosure

cPanel TSR-2014-0007 Full Disclosure: cPanel has released a full disclosure for TSR-2014-0007. [1] Case 109049. Summary: Arbitrary file overwrite in /scripts/synccpaddonswithsqlhost. Security Rating: cPanel has assigned a Security Level of Important to this vulnerability. Description: The synccpaddonswithsqlhost script performed unsafe file operations inside the home directories of unprivileged users while running with root’s permissions. By […]

cPanel TSR-2014-0007 Announcement

cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having security impact levels ranging from Minor to Important. If your […]

WordPress Slider Revolution Plugin vulnerability

Slider Revolution Plugin is a premium WordPress plugin used by many premium themes. This plugin is bundled with premium WordPress themes. Back in February 2014, there was a critical vulnerability discovered in this plugin. This was patched by the developers; however, it is possible that themes were not updated to use the latest version and […]

EasyApache 3.26.7 Released

cPanel, Inc. has released EasyApache 3.26.7 with Apache version 2.2.29. This release addresses vulnerabilities CVE-2014-0118, CVE-2014-0231, CVE-2014-0226 and CVE-2013-5704. It is recommended that all Apache 2.2 users upgrade to Apache version 2.2.29. AFFECTED VERSIONS: All versions of Apache 2.2 before version 2.2.29. SECURITY RATING: The National Vulnerability Database (NIST) has given the following severity ratings […]

HostBill Version 02-09-2014 released

HostBill is a complete client management, billing and support system used by many web hosting companies. Recently they released an update with a few bug fixes and new features. The following is the list of features and bug fixes addressed in HostBill Version 02-09-2014: Features: Added option to sort Knowledge base categories and articles. Added […]