News

Conviso acquired Gauntlet.io

The technology developed by Gauntlet will be incorporated to the AppSec Flow, expanding the services spectrum in AppSec Conviso proudly announces the acquisition of Gauntlet.io Security, an application security testing company, whose technology is to complement the Continuous Application Security portfolio by Conviso. The approach for this acquisition is technical, since Gauntlet´s…
Read more

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

ekoparty 2013 - Wrap Up of 1st Day

News

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

WildFly[1], formerly known as JBoss AS, or simply JBoss, is an application server authored by JBoss, now developed by Red Hat. WildFly is written in Java, and implements the Java Platform, Enterprise Edition (Java EE) specification. It runs on multiple platforms.WildFly is free and open-source software, subject to the requirements of the GNU Lesser General Public License (LGPL), version…
Read more

Conviso acquired Gauntlet.io

ekoparty 2013 - Wrap Up of 1st Day

News

ekoparty 2013 - Wrap Up of 1st Day

Ekoparty is an Infomartion Security Conference that happens every year in Buenos Aires Argentina. And it is known as one of the best InfoSec Conferences in Latin America, if not the best, at least in my opinion so far. The first day at Ekoparty 2013 was mostly for Registration, Workshops and Wardriving. The venue is really nice, as it has an underground like look and feel. You really feel that you…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

Spree Commerce Multiple Unsafe Reflection Vulnerabilities (CVE-2013-1656)

Spree Commerce [1] is “a 100% open source e-commerce platform powered by the popular Ruby on Rails framework. It was designed to make customization and upgrades as simple as possible”. We have found Multiple Unsafe Reflection [2] vulnerabilities on it that affected any version >= 1.0.0. The vendor has provided patches that fix the flaws [3]. Our advisory with more detailed…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

Related Posts Word Press Plugin Cross Site Scripting Vulnerability -CVE-2011-0760

Introduction Copyright and Disclaimer The information in this advisory is Copyright 2010 Conviso and provided so that the society can understand the risk they may be facing by running affected software, hardware or other components used on their systems. In case you wish to copy information from this advisory, you must either copy all of it or refer to this document (including our URL). No…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

Security Advisory: Recaptcha Word Press Plugin Cross Site ScriptingVulnerability | CVE 2011-0759

Introduction Copyright and Disclaimer The information in this advisory is Copyright 2010 Conviso and provided so that the society can understand the risk they may be facing by running affected software, hardware or other components used on their systems. In case you wish to copy information from this advisory, you must either copy all of it or refer to this document (including our URL). No…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

LiveZilla Cross Site Scripting Vulnerability | CVE-2010-4276

Introduction Copyright and Disclaimer The information in this advisory is Copyright 2010 Conviso and provided so that the society can understand the risk they may be facing by running affected software, hardware or other components used on their systems. In case you wish to copy information from this advisory, you must either copy all of it or refer to this document (including our URL). No…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

Embedded Video WordPress Plugin Cross Site Vulnerability (XSS) -CVE-2010-4277

Introduction Copyright and Disclaimer The information in this advisory is Copyright 2010 Conviso and provided so that the society can understand the risk they may be facing by running affected software, hardware or other components used on their systems. In case you wish to copy information from this advisory, you must either copy all of it or refer to this document (including our URL). No…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

News

Security Advisory: Spree e-commerce JSON v.0.11x

Uma versão em PDF também está disponível | A PDF version is also available Spree e-commerce JSON Hijacking Vulnerabilities – CVE-2010-3978 Introduction Spree e-commerce is an open source commerce platform written for the Ruby on Rails framework supporting “Over 100 extensions created by our active and dedicated community”. This problem was confirmed in the following…
Read more

Conviso acquired Gauntlet.io

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816