SQL Injection Vulnerability in Axublog (search.php)
Axublog is a PHP personal blog system. Axublog search.php suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to bypass filtering and perform direct injection to obtain sensitive database information...
CVE-2018-9119
An attacker with physical access to a BrilliantTS FUZE card MCU firmware 0.1.73, BLE firmware 0.7.4 can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool...
China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor
CANCUN, Mexico – Researchers at NCC Group have discovered multiple backdoors on a UK government contractor’s computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15, which researchers said is utilizing many new tools ...
Piwigo cross-site scripting vulnerability (CNVD-2018-06555)
Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options (categories, tags, time), and more. A cross-site scripting vulnerability exists in the admin panel in Piwigo version 2.9.3. A remote attacker can exploit th...
Cellebrite Unlocks iPhones for the US Government
Forbes reports that the Israeli company Cellebrite can probably unlock all iPhone models: Cellebrite, a Petah Tikva, Israel-based vendor that's become the U.S. government's company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have th...
[SECURITY] Fedora 27 Update: zziplib-0.13.68-1.fc27
The zziplib library is intentionally lightweight; it offers the ability to easily extract data from files archived in a single zip file. Applications can bundle files into a single zip archive and access them. The implementation is based only on the free subset of compression with the zlib...
FreeBSD : Bugzilla security issues (22283b8c-13c5-11e8-a861-20cf30e32f6d)
Bugzilla Security Advisory: A CSRF vulnerability in report.cgi would allow a third-party site to extract confidential information from a bug the victim had access to. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...
LSB-Steganography - Python program to steganography files into images using the Least Significant Bit
Python program based on steganographic methods to hide files in images using the Least Significant Bit technique. I used the most basic method, which is the least significant bit. A colour pixel is composed of red, green and blue, encoded on one byte. The idea is to store information in the firs...
Server side request forgery (ssrf)
Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
SQL Injection Vulnerability in Website Building System of Fuyang Xinpin Network Technology Co.
Fuyang City Xinpin Network Technology Co., Ltd. is a technology-based enterprise focusing on providing full network marketing solutions for the majority of tourism enterprises. The search.aspx file in the website building system of Fuyang Xinpin Network Technology Co., Ltd. has a SQL injection...
Meltdown and Spectre fallout: patching problems persist
Last week, the disclosure by multiple teams from Graz and Pennsylvania University, Rambus, Data61, Cyberus Technology, and Google Project Zero of vulnerabilities under the aliases Meltdown and Spectre rocked the security world, sending vendors scurrying to create patches, if at all possible, and...
Zomato: [www.zomato.com] Boolean SQLi - /█████.php
@gerbenjavado found that the parameter entityid was vulnerable to SQLi on endpoint /████.php using a Boolean technique. POC The POC uses ifmid@@version,1,1=5 which returns a 200 ok message. If changed for ifmid@@version,1,1=4 the server gives a 500 or 504 error, confirming the SQLi and proving da...
SQL injection vulnerability in the game.php page of UX365 website category navigation system
Uc365 website classification and navigation system is cross-platform open source software: an open source website classification and catalog management system built on PHP and MySQL. A SQL injection vulnerability exists in the game.php page of the Uke365 Web Classifie...
CVE-2017-15272
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a...
CVE-2017-15272
CVE-2017-15272 concerns the PSFTPd Windows FTP Server (v10.0.4 Build 729). The server stores its configuration in PSFTPd.dat, an Access database that can be extracted. The data can be obtained even though the encrypt flag is set with the password “ITsILLEGAL,” because the password is not required...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - jobRunId SQL Injection
OpenText Document Sciences xPression 4.5SP1 Patch 13 - jobRunId SQL Injection Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
[SECURITY] Fedora 27 Update: freexl-1.0.4-1.fc27
FreeXL is a library to extract valid data from within an Excel spreadsheet (.xls). Design goals: simple and lightweight; stable, robust and efficient; easily and universally portable; completely ignore any GUI-related oddity...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
Exploit for java platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPressi...
SQL Injection Vulnerability in check_need_status, check_pay_sum Methods of WK+shop General Mall System
WK+shop is a mall system based on PHP+MySQL, developed using the ThinkPHP5.0 framework, which combines the Witcott mission system with multiple mall systems. A SQL injection vulnerability exists in the check_need_status and check_pay_sum methods of the WK+shop general mall system; attackers can construct a specif...