WordPress History Collection 1.1.1 Arbitrary File Download
Exploit Title: WordPress History Collection <=1.1.1 Arbitrary File Download Google Dork: inurl:plugins/history-collection Date: 10/06/2015 Exploit Author: Kuroi'SH Software Link: https://wordpress.org/plugins/history-collection/ Version: <=1.1.1 Tested on: Linux I-Description: WordPress history...
WordPress History Collection <=1.1.1 Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress History Collection <=1.1.1 Arbitrary File Download Google Dork: inurl:plugins/history-collection Date: 10/06/2015 Exploit Author: Kuroi'SH Software Link: https://wordpress.org/plugins/history-collection/ Version: <=1.1.1...
WordPress History Collection Plugin <= 1.1.1 - Arbitrary File Download
History Collection plugin is prone to an arbitrary file download vulnerability. "download.php" is not filtering the "get" input and the file can be downloaded because of this "get" input value. Solution Update the plugin...
WordPress Plugin History Collection 1.1.1 - Arbitrary File Download
Exploit Title: WordPress History Collection <=1.1.1 Arbitrary File Download Google Dork: inurl:plugins/history-collection Date: 10/06/2015 Exploit Author: Kuroi'SH Software Link: https://wordpress.org/plugins/history-collection/ Version: <=1.1.1 Tested on: Linux I-Description: WordPress history...
WordPress Plugin History Collection 1.1.1 - Arbitrary File Download
WordPress Plugin History Collection 1.1.1 - Arbitrary File Download Exploit Title: WordPress History Collection <=1.1.1 Arbitrary File Download Google Dork: inurl:plugins/history-collection Date: 10/06/2015 Exploit Author: Kuroi'SH Software Link: https://wordpress.org/plugins/history-collection/...
Sunset of Section 215 Means All Eyes on USA FREEDOM Act
The sun may have set at midnight on Section 215 of the PATRIOT Act, putting a temporary halt to the NSA’s bulk collection of phone call metadata, but privacy champions and legal experts point to May 7 as the day the lights dimmed on that facet of the government’s surveillance efforts. On that...
NSA Wants To Track Smartphone Users Based on How They Type and Swipe
Just the way you swipe your smartphone screen is enough for your smartphone to identify you. Yes, it’s a Fact, not Fiction! The United States National Security Agency NSA has a new technology that can identify you from the way your finger swipe strokes and text on a smartphone screen, according t...
Total VMs Count in Infrastructure Overview Report
Challenge The Infrastructure Overview report shows different values between vCenter Servers Virtual Machines and Storage Number of VMs. Cause Here are the possible causes of such behavior: one VM is linked with more than one datastore; for the "vCenter Servers" templates are not counted; "Storage...
Analysis of a WordPress JS Backdoor - Vulnerability Warning - the black bar safety net
We recently found, on a lot of WordPress sites, a backdoor for collecting administrator login credentials. The compromised site has concealed code inserted; when an administrator logs on, the code is triggered, and the administrator's login credentials are encrypted by the GET...
Dennis Fisher and Mike Mimoso on the End of the Patch Tuesday Era, Section 215 and More
Dennis Fisher and Mike Mimoso talk about the end of the Patch Tuesday era for most Microsoft customers, the appeals court ruling on Section 215 metadata collection and Dennis’s idea for a security industry commission. Download: digitalunderground201.mp3 Music by Chris Gonsalves...
CakePHP 3.0.4 Released
CakePHP 3.0.4 Released The CakePHP core team is happy to announce the immediate availability of CakePHP 3.0.4. This is a maintenance release that contains security fixes and bugfixes. Security Fixes There are two issues that can impact the security of a CakePHP application: CsrfComponent fails to...
Privacy Goal: More Controls in Users' Hands
SAN FRANCISCO – The same companies that brought, among other things, facial recognition into your living rooms and the ability to record video to your eyewear, swear the next big thing in privacy is putting more controls in your hand. The privacy officers of Microsoft, Google and Facebook said...
kernel: use-after-free during key garbage collection
A race condition flaw was found in the way the Linux kernel keys management subsystem performed key garbage collection. A local attacker could attempt accessing a key while it was being garbage collected, which would cause the system to crash...
New Coalition Launches Fight Against Patriot Act Section 215
A broad group of civil-rights, technology and political groups from across the spectrum has developed a new initiative to advocate for the repeal of Section 215 of the USA PATRIOT Act, the part that provides the authority for the bulk collection of phone metadata and other information. The new...
Your Location has been Shared 5,398 Times in Last 14 Days
Do you realize how often your smartphone is sharing your location data with various companies? It is more than 5000 times in just two weeks. That is a little shocking, but true! A recent study by the security researchers from Carnegie Mellon reveals that a number of smartphone applications collect...
[SECURITY] Fedora 21 Update: mongodb-2.4.13-1.fc21
Mongo (from "humongous") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the following features: Collection oriented storage: easy storage of object/JSON-style data; Dynamic queries; Full index support, including on inner objects and...
Debian DLA-20-1 : munin security update
Christoph Biedl - munin-node: more secure state file handling, introducing a new plugin state directory root, owned by uid 0. Then each plugin runs in its own UID plugin state directory, owned by that UID. Closes: 684075, Closes: 679897, closes CVE-2012-3512. - plugins: use runtime...
Tech Companies, Privacy Advocates Call for NSA Reform
A group of technology companies, non-profits and privacy and human rights organizations have sent a letter to President Barack Obama, the director of national intelligence and a wide range of Congressional leaders, calling for an end to the bulk collection of phone metadata under Section 215 of t...
[SECURITY] Fedora 22 Update: mongodb-2.6.8-1.fc22
Mongo (from "humongous") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the following features: Collection oriented storage: easy storage of object/JSON-style data; Dynamic queries; Full index support, including on inner objects and...
Masscan Port Scanner
Masscan is a port scanning product. Use of this product might indicate an attempt to collect data regarding the target network, and use it for future attacks...