7736 matches found
ProShow 9.0.3797 - Local Privilege Escalation
!/usr/bin/python coding:utf-8 Exploit Title: ProShow v9.0.3797 Local Exploit Exploit Author: @YonatanCorrea website with details: https://risataim.blogspot.com/2019/06/exploit-local-para-proshow.html Vendor Homepage: http://www.photodex.com/ProShow Software Link:...
S3 Ransomware Part 1: Attack Vector
The post S3 Ransomware Part 1: Attack Vector appeared first on Rhino Security Labs...
Malwarebytes Labs wins best cybersecurity vendor blog at InfoSec’s European Security Blogger Awards
Infosec Europe is now well underway, and last night was the annual EU Security Blogger Awards, where InfoSecurity Magazine: …recognises the best blogs in the industry as first nominated by peers and then judged by a panel of mostly respected industry experts. Malwarebytes Labs was announced as...
Lessons Learned Trying to Secure Congressional Campaigns
Really interesting first-hand experience from Maciej Cegłowski...
Bo-blog Wind CMS ad***.mo***.php page suffers from SQL injection vulnerability
Bo-blog Wind BW for short is a lightweight personal blogging program. A SQL injection vulnerability exists in the Bo-blog Wind CMS ad.mo.php page. An attacker can exploit the vulnerability to obtain sensitive database information...
Blogifier design flaws
Blogifier is a lightweight open source blog system written using ASP.NET Core . Blogifier 2.3 prior to 2019-05-11 fails to restrict the API properly, as shown by the lack of a check in the pathname for... The check shown in the...
Beers with Talos Ep. #53: Shiny happy election security (and ninjas)
Beers with Talos BWT Podcast Ep. 53 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded May 10, 2019 — Election security has been a dominant headline for some time, so it’s high time we take a look at what th...
WordPress WPGraphQL 0.2.3 Authentication Bypass / Information Disclosure
!/usr/bin/env python Author: Simone Quatrini of Pen Test Partners CVEs: 2019-9879, 2019-9880, 2019-9881 Tested on Wordpress 5.1.1 and wp-graphql 0.2.3 https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/ import argparse import requests import base64 import json import sys parse...
JWT Tool - A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens
jwttool.py is a toolkit for validating, forging and cracking JWTs JSON Web Tokens. Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/k...
Friday Squid Blogging: Cephalopod Appreciation Society Event
Last Wednesday was a Cephalopod Appreciation Society event in Seattle. I missed it. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
LG Supersign EZ CMS - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Supersign EZ CMS RCE', 'Description' = %q LG SuperSignEZ CMS, that many LG SuperSign TVs have builtin, is prone to remote code execution due to...
WordPress Blog Designer plugin <= 1.8.10 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability found by Luka Sikic WordPress Blog Designer plugin versions = 1.8.10. Solution Update the WordPress Blog Designer plugin to the latest available version at least 1.8.11...
Blog Designer <= 1.8.10 - Unauthenticated Stored Cross-Site Scripting (XSS)
The Blog Designer WordPress plugin was affected by an Unauthenticated Stored Cross-Site Scripting XSS security vulnerability. Send POST request to: /wp-admin/admin-ajax.php?action=save&updated=true With request body: customcss=confirm1...
CVE-2019-11618
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 accesstoken in a uri=blog&action=index&controller=blog...
Zimbra Collaboration Suite ProxyServlet SSRF
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details According to the blog post A Saga of...
Stealing Ethereum by Guessing Weak Private Keys
Someone is stealing millions of dollars worth of Ethereum by guessing users' private keys. Normally this should be impossible, but lots of keys seem to be very weak. Researchers are unsure how those weak keys are being generated and used. Their paper is here...
WordPress Print My Blog Plugin < 1.6.6 SSRF Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
CVE-2019-11565
Server Side Request Forgery SSRF exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter...
Server side request forgery (ssrf)
Server Side Request Forgery SSRF exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter...
CVE-2019-11565
Server Side Request Forgery SSRF exists in the Print My Blog plugin before 1.6.7 for WordPress via the site parameter...