7736 matches found
Woody Ad Snippets < 2.2.6 - Arbitrary Post Deletion
The adminInit function of the admin/includes/class.actions.snippets.php file, registered as an admin_init hook, did not have any CSRF or capability checks for its close action, allowing unauthenticated users to delete arbitrary posts from the blog. PoC...
Cryptolocking WordPress Plugin Locks Up Blog Posts
A malicious WordPress plugin ironically called WP Security has been spotted in the wild encrypting blog posts and rendering the content unreadable. It’s capable of targeting individual posts — an unusual behavior, according to researchers. According to analysis from Sucuri, the plugin obtains a...
Command Execution Vulnerability in DouPHP BLOG
DouPHP BLOG 1.5 is a lightweight enterprise website management system based on a PHP+Mysql architecture, running on Linux, Windows, Mac OS X, Solaris and other platforms. DouPHP BLOG 1.5 suffers from a code execution vulnerability that can be exploited by an attacker to gain control of the server...
DouPHP BLOG Arbitrary File Deletion Vulnerability
DouPHP BLOG 1.5 is a lightweight enterprise website management system based on a PHP+Mysql architecture, which can run on Linux, Windows, Mac OS X, Solaris and other platforms. DouPHP BLOG 1.5 suffers from an arbitrary file deletion vulnerability, which can be exploited by attackers to reinstall the...
Meet the MSRC at Black Hat 2019
We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog. Wednesday, August 7 ...
How to Get Your Equifax Settlement Money
A settlement with the FTC means Equifax will pay victims of its breach $125 or more. Make sure it pays up...
Exploit for CVE-2019-14339
CVE-2019-14339 Content Provider URI Injection on Canon PRINT...
Friday Squid Blogging: Squid Cars
Jalopnik asks the important question: "If squids ruled the earth, what would their cars be like?" As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
Visitors Traffic Real Time Statistics < 1.13 - CSRF to Stored XSS/SQLi
A CSRF vulnerability in the plugin gives attackers the possibility to craft an AJAX request, which lets blog administrators alter plugin settings. Due to a lack of encoding for malicious data when displaying it in the admin backend, there is a Stored XSS. Also, as the user input coming from the...
Happy Birthday TaoSecurity.com
Nineteen years ago this week I registered the domain taosecurity.com: Creation Date: 2000-07-04T02:20:16Z This was 2 1/2 years before I started blogging, so I don't have much information from that era. I did create the first taosecurity.com Web site shortly thereafter. I first started hosting it ...
Inside the MSRC – Anatomy of a SSIRP incident
This is the second in a series of blog posts that shares how the MSRC responds to elevated threats to customers through the Software and Services Incident Response Plan (SSIRP). In our last blog post, we looked at the history of the Microsoft Security Response Center and SSIRP, and how Microsoft tak...
Windows/x86 - bitsadmin Download and Execute Shellcode (210 Bytes)
/ ; Windows/x86 - bitsadmin Download and Execute http://192.168.10.10/evil.exe c:\evil.exe Shellcode 210 Bytes ; Shellcode Title : bitsadmin download and execute ; Shellcode Author : Joseph McDonagh ; Date June 26, 2019 ; Shellcode Length 210 ; However, if the application you are exploiting alrea...
Friday Squid Blogging: Squid Tea Bags
It's pu'er tea -- from Japan. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
BlogEngine path traversal vulnerability (CNVD-2019-18836)
BlogEngine is an open source ASP.NET blog system. The system supports Ajax comments, custom themes and so on. A path traversal vulnerability exists in BlogEngine 3.3.7 and earlier versions. The vulnerability stems from the failure of a network system or product to properly filter special elemen...
Catfish Blog v2.1.9 suffers from a file upload vulnerability
Catfish Blog is a specialized system for building blogs. A file upload vulnerability exists in Catfish Blog v2.1.9, which can be exploited by an attacker to gain control of the web server...
CloudTest Vulnerability (CVE-2019-11011)
...
CVE-2019-9842
madskristensen MiniBlog through 2018-05-18 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in app_code/handlers/PostHandler.cs writes a decoded base64 string to a file without validating the extension...
Radiohead Dropped 18 Hours of Unreleased Music to Screw Pirates
You can listen to the OK Computer–era tracks right here...