Vigin Media Hub 3.0 Denial Of Service

Exploit Title: Virgin Media Hub 3.0 Router - Denial of Service PoC Google Dork: N/A Date: 2018-11-03 Exploit Author: Ross Inman Vendor Homepage: https://www.broadbandchoices.co.uk/guides/hardware/virgin-media-broadband-routers Software Link: N/A Version: Virgin Media Hub 3.0 Tested on: Linux CVE ...

iOS 12 adoption and performance - what it means for your business's app

On September 17th, Apple released iOS 12. And while many innovative new features were announced, the very first feature listed in the release notes was "Performance." Earlier this year, Apple was heavily criticized for throttling CPU speeds on mobile devices, which drastically affected their...

Sizing Up The Scourge of Credential Stuffing

Last year, 2.3 billion credentials were stolen from 51 different organizations, including Ancestry.com, Imgur and Virgin America. Where do all those user names go? In Shape Security’s second annual Credential Spill Report, it found that billions of stolen digital IDs are contributing to an epidem...

WireX DDoS Botnet: An Army of Thousands of Hacked Android SmartPhones

Do you believe that just because you have downloaded an app from the official app store, you're safe from malware? Think twice before believing it. A team of security researchers from several security firms have uncovered a new, widespread botnet that consists of tens of thousands of hacked Andro...

Dwnldr 1.0 - Unauthenticated Stored Cross-Site Scripting (XSS)

User agent strings are logged when requesting downloads that are processed by dwnldr and displayed back to the admin with no encoding, allowing for scripts to be stored and executed. PoC curl -A "User-Agent: " -O http:///?attachmentid=...

W3 Total Cache <= 0.9.4 - Cross-Site Request Forgery (CSRF)

The plugin does not validate the 'wpnonce' anti-CSRF token. This issue can be used to perform many actions. The most significant action with the biggest impact is the ability to redirect users to malicious websites. Functionality exists where specific user agent strings can be configured to be...

SA-CONTRIB-2010-011 - Feedback - Cross Site Scripting

Feedback module enables users and visitors of a Drupal site to quickly send feedback messages about the currently displayed page. When displaying reports about submitted feedback, the module does not properly sanitize the user agent strings from the Browscap module before display, leading to a...

SA-CONTRIB-2009-065 - Browscap - Cross Site Scripting

The Browscap module provides a way to identify the visitors to your site based on the user agent in their browser. It can also record these user agent strings and provide reports about them. When displaying reports about visitors, the module does not properly sanitize the user agent strings befor...