7716 matches found

GithubExploit
added 2021/09/09 3:43 p.m., 92 views

Exploit for Path Traversal in Microsoft

CVE-2021-40444 Analysis This repository contains the deobfusc...

CVSS 8.8, AI score 7, EPSS 0.96843
Exploits 38
Schneier on Security
added 2021/09/09 11:13 a.m., 17 views

More Detail on the Juniper Hack and the NSA PRNG Backdoor

We knew the basics of this story, but it's good to have more detail. Here's me in 2015 about this Juniper hack. Here's me in 2007 on the NSA backdoor...

AI score 1.3
Exploits 0
Schneier on Security
added 2021/09/07 11:14 a.m., 18 views

Lightning Cable with Embedded Eavesdropping

Normal-looking cables (USB-C, Lightning, and so on) that exfiltrate data over a wireless network. I blogged about a previous prototype here...

AI score 1.6
Exploits 0
WPVulnDB
added 2021/09/06 12:00 a.m., 12 views

uListing < 2.0.9 - Arbitrary Blog Option Update via CSRF

The plugin does not have a CSRF check in the uListingimportlayout function, nor does it perform any validation on the option/post meta key to update to ensure it belongs to the plugin. As a result, attackers could make a logged-in admin change any of the blog options, such as siteurl, blogname, etc., as well as...

AI score 0.5
Exploits 0, Affected Software 1
wpexploit
added 2021/09/06 12:00 a.m., 702 views

uListing < 2.0.9 - Arbitrary Blog Option Update via CSRF

The plugin does not have a CSRF check in the uListingimportlayout function, nor does it perform any validation on the option/post meta key to update to ensure it belongs to the plugin. As a result, attackers could make a logged-in admin change any of the blog options, such as siteurl, blogname, etc., as well as...

AI score 0.4
Exploits 0
OSV
added 2021/09/01 6:31 p.m., 16 views

GHSA-HXJ6-V58R-CQV3 Cross Site Scripting in Subrion CMS

A cross-site scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

CVSS 5.4, AI score 5.2, EPSS 0.00621
Exploits 1, References 3
Github Security Blog
added 2021/09/01 6:31 p.m., 40 views

Cross Site Scripting in Subrion CMS

A cross-site scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

CVSS 5.4, AI score 5.2, EPSS 0.00621
Exploits 1, References 3, Affected Software 1
Google Chrome Security Advisories
added 2021/08/31 12:00 a.m., 43 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 93 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 93.0.4577.63 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

CVSS 8.8, AI score 9.1, EPSS 0.05293
Exploits 1, Affected Software 1
Github Security Blog
added 2021/08/30 4:11 p.m., 51 views

Cachet vulnerable to new line injection during configuration edition

Impact: Authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. Patches: This issue was addressed by improving UpdateConfigCommandHandler and preventi...

CVSS 8.8, AI score 9.1, EPSS 0.29172
Exploits 2, References 6, Affected Software 1
Schneier on Security
added 2021/08/30 11:24 a.m., 11 views

Excellent Write-up of the SolarWinds Security Breach

Robert Chesney wrote up the SolarWinds story as a case study, and it's a really good summary...

AI score 1.8
Exploits 0
WPVulnDB
added 2021/08/30 12:00 a.m., 11 views

Premium Addons for Elementor < 4.5.2 - Subscriber+ Arbitrary Blog Option Update

The plugin does not have any CSRF or authorisation checks in the padismissadminnotice AJAX action, available to any authenticated user, and does not validate the option key to ensure the option to update belongs to the plugin. As a result, any authenticated user, such as a subscriber, can update...

AI score 1.5
Exploits 0, Affected Software 1
wpexploit
added 2021/08/30 12:00 a.m., 772 views

Premium Addons for Elementor < 4.5.2 - Subscriber+ Arbitrary Blog Option Update

The plugin does not have any CSRF or authorisation checks in the padismissadminnotice AJAX action, available to any authenticated user, and does not validate the option key to ensure the option to update belongs to the plugin. As a result, any authenticated user, such as a subscriber, can update...

AI score 0.7
Exploits 0
NVD
added 2021/08/27 7:15 p.m., 10 views

CVE-2020-18998

Cross-site scripting (XSS) in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...

CVSS 6.1, EPSS 0.01182
Exploits 1, References 1
NVD
added 2021/08/27 7:15 p.m., 18 views

CVE-2020-19002

Cross-site scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different from CVE-2018-16632...

CVSS 6.1, EPSS 0.01119
Exploits 1, References 1
OSV
added 2021/08/27 7:15 p.m., 12 views

CVE-2020-18998

Cross-site scripting (XSS) in Blogmini v1.0 allows remote attackers to execute arbitrary code via the component '/admin/custom/blog-plugin/add'...

CVSS 6.1, AI score 6.8
Exploits 0, References 1
OSV
added 2021/08/27 7:15 p.m., 19 views

PYSEC-2021-343

Cross-site scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different from CVE-2018-16632...

CVSS 6.1, AI score 6.3, EPSS 0.01119
Exploits 1, References 2
Cvelist
added 2021/08/27 6:16 p.m., 30 views

CVE-2020-19002

Cross-site scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitrary code via the 'Description' field of the component 'admin/blog/blogpost/add/'. This issue is different from CVE-2018-16632...

AI score 5.7, EPSS 0.01119
Exploits 1, References 1
CVE
added 2021/08/27 6:16 p.m., 40 views

CVE-2020-18998

CVE-2020-18998 affects Blog_mini v1.0 through the vulnerable path /admin/custom/blog-plugin/add where a cross-site scripting (XSS) flaw enables remote attackers to execute arbitrary code. This is supported by multiple sources (NVD/NVD-derived entries, CNVD, OSV, Red Hat advisory) describing the s...

CVSS 6.1, AI score 6.2, EPSS 0.01182
Exploits 1, References 1, Affected Software 1
CNNVD
added 2021/08/27 12:00 a.m., 25 views

Mezzanine Cross-Site Scripting Vulnerability

Mezzanine (GitHub), a content management platform, is affected by a cross-site scripting (XSS) vulnerability in Mezzanine v4.3.1. The vulnerability can be exploited to execute arbitrary code via the "Description" field of...

CVSS 6.1, AI score 5.7, EPSS 0.01119
Exploits 1, References 1
Schneier on Security
added 2021/08/20 9:18 p.m., 29 views

Friday Squid Blogging: On Squid Brains

Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score 1.3
Exploits 0