7703 matches found
Matthew Green on Telegram’s Encryption
Matthew Green wrote a really good blog post on what Telegram's encryption is and is not. EDITED TO ADD 8/28: Another good explainer from Kaspersky...
WordPress Blog Introduction plugin <= 0.3.0 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Blog Introduction versions <= 0.3.0...
WordPress Blog Introduction Plugin <= 0.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Blog Introduction Type Plugin Vulnerable versions <= 0.3.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7862 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b5cd399b1013 Credits Daniel Ruf Required...
Exploit for Injection in Glpi-Project Glpi
CVE-2022-35914poc Modified for GLPI Offsec Lab: calluserfun...
Glassdoor: █████████eflected █████████████████ Vulnerability in Glassdoor Blog ███earch
A reflected cross-site scripting vulnerability was discovered in the Glassdoor blog search functionality. The vulnerability was remediated by strengthening input validation and output encoding...
Best SEO Experts to Follow on Twitter (X) in 2025
To improve your online visibility, it's crucial to stay updated on the ever-evolving strategies and developments in Search…...
blog.effectussoftware.com Cross Site Scripting vulnerability OBB-3959365
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Defend Your GraphQL Server Against Excessive Resource Consumption
...
Simple Machines Forum 2.1.4 Code Injection
Exploit Title: Authenticated Code Injection - smfv2.1.4 Date: 8/2024 Exploit Author: Andrey Stoykov Version: 2.1.4 Tested on: Ubuntu 22.04 Blog: https://msecureltd.blogspot.com/2024/06/friday-fun-pentest-series-7-smfv214.html Code Injection Authenticated: Steps to Reproduce: 1. Login as admin 2...
CVE-2024-32928
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-19 20:12:34+00:00 | seen | https://t.me/cvedetector/3536 |
| 2025-02-11 14:00:07+00:00 | seen | https://daniel.haxx.se/blog/2025/02/11/disabling-cert-checks-we-have-not-learned-much/ |
| 2025-02-12 06:35:44+00:00 | seen | ... |
CVE-2024-6459 News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI
The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files...
Akamai’s Perspective on August’s Patch Tuesday 2024
...
How To Lower Your Live Video Transcoding Costs
...
What’s New for Developers: August 2024
...
CVE-2024-38148
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |
| 2024-08-23 13:29:53+00:00 | published-proof-of-concept | https://t.me/Rootsec2/4212 |
| 2024-08-23 22:17:53+00:00 | published-proof-of-concept | ... |
CVE-2024-38108
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |

...
CVE-2024-38121
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |

...
CVE-2024-38159
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |

...
CVE-2024-38223
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |
| 2024-08-13 21:18:25+00:00 | seen | https://t.me/cvedetector/3057 |
| 2025-04-15 23:55:53+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/11968 |

...
CVE-2024-38126
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-13 18:05:01+00:00 | seen | https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review |

...