[Canvas] Agora pack 2.28 is out

Yuriy Gurkin audit at gleg.net
Fri Oct 4 17:07:33 EDT 2013

Agora pack 2.28 is out with three modules for defense software and two
web exploits. Listing:
 - Fortigate Firewalls CSRF Vulnerability. under certain conditions
could result in control over the hole firewall.
 - pwStore password management system Denial of Service.
 - Trustport Webfilter gateway Remote File disclosure Vulnerability.
- Joomla Media Manager remote file upload and exec.
  - VLC Media Player Web Interface dir info disclosure bug. this is
based on fresh public bug, but modified by us to work on latest player
more info in changelog.

pwStore and Trustport videos  are available at

Happy hunting,
Gleg ltd's research team.

More information about the Canvas mailing list