823 matches found
[SOJOBO-ADV-13-05] - Vtiger 5.4.0 Reflected Cross Site Scripting
SOJOBO-ADV-13-05 - Vtiger 5.4.0 Reflected Cross Site Scripting I. Information ================== Name : Vtiger 5.4.0 Reflected Cross Site Scripting Software : Vtiger 5.4.0 and possibly below. Vendor Homepage : https://www.vtiger.com/ Vulnerability Type : Reflected Cross-Site Scripting Severity :...
Vtiger 5.4.0 Cross Site Scripting Vulnerability
Vtiger version 5.4.0 suffers from multiple reflective cross site scripting vulnerabilities. Vtiger 5.4.0 Reflected Cross Site Scripting I. Information ================== Name : Vtiger 5.4.0 Reflected Cross Site Scripting Software : Vtiger 5.4.0 and possibly below. Vendor Homepage :...
WordPress Gallery Bank 2.0.19 Cross Site Scripting
SOJOBO-ADV-13-03 - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting I. Information ================== Name : Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting Software : Gallery Bank 2.0.19 and possibly below. Vendor Homepage : http://gallery-bank.com/...
[SOJOBO-ADV-13-02] - MODx 2.2.10 Reflected Cross Site Scripting
SOJOBO-ADV-13-02 - MODx 2.2.10 Reflected Cross Site Scripting I. Information ================== Name : MODx 2.2.10 Reflected Cross Site Scripting Software : MODx 2.2.10 and possibly below. Vendor Homepage : http://modx.com/ Vulnerability Type : Reflected Cross-Site Scripting Severity : Low 2/5...
[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities
SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities I. Information ================== Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vendor Homepage : http://www.zenphoto.org/ Vulnerability Type : SQL Injection, Reflected Cross-Site...
Zenphoto 1.4.5.2 Cross Site Scripting / SQL Injection
Zenphoto version 1.4.5.2 suffers from cross site scripting and remote SQL injection vulnerabilities. SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities I. Information ================== Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vend...
Zenphoto 1.4.5.2 Cross Site Scripting / SQL Injection
SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities I. Information ================== Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vendor Homepage : http://www.zenphoto.org/ Vulnerability Type : SQL Injection, Reflected Cross-Site...
[Binrev] Automate Reversing Windows Binaries for Pentesters
What you can do with this? Static analysis: you can do a basic manual code review for decompiled sources to discover hidden communication channels, search for hard-coded passwords, or SQL injection vulnerabilities. Import decompiled projects to an IDE to reconstruct and modify the original source...
About the PHP code auditing and vulnerability digging a little thought-vulnerability warning-the black bar safety net
Here is the PHP code auditing and vulnerability discovery the idea to do a bit summary, is a personal point of view, there is something wrong place please point out. PHP vulnerabilities in a large part is from the programmer's own lack of experience, of course, and server configuration related, b...
[Pyew v2.2] A Python tool for static malware analysis
Pyew is a command line python tool to analyse malware. It does have support for hexadecimal viewing, disassembly Intel 16, 32 and 64 bits, PE and ELF file formats it performs code analysis and let you write scripts using an API to perform many types of analysis, follows direct call/jmp instructio...
[Hook Analyser v2.4] Application (and Malware) Analysis tool
Application and Malware Analysis tool. Hook Analyser is a hook tool which could be potentially helpful in reversing application and analysing malwares. Changelog v2.4 Hook Analyser can now analyse DLLs. Part of the Static Malware Analysis Module The deep trace functionality has been improved...
[MASTIFF2HTML] Static Analysis Framework Results Viewer
MASTIFF2HTML is a python program that is used to create a GUI results interface in HTML from MASTIFF results. Download the python program at: https://github.com/1aN0rmus/TekDefense/blob/master/MASTIFF2HTML.py MASTIFF is an automated static malware analysis framework. Learn more about MASTIFF at:...
Reverse engineering, Malware and Goodware analysis of Android applications: Androguard
Androguard is a full python tool to play with Android files. DEX, ODEX APK Android’s binary xml Android resources Disassemble DEX/ODEX bytecodes Decompiler for DEX/ODEX files You can either use the cli or graphical frontend for androguard, or use androguard purely as a library for your own tools...
A CISO's Guide To Application Security – Part 4: Weighing AppSec Technology Options
This post is the fourth in a 5-part series on Application Security, or “AppSec”. The series will define the components of a sound AppSec program, delineate the growing threats to software, weigh the costs of a data breach, and outline the CISO’s responsibility in managing software security risk...
BruCON Agnitio workshop Slides and Video Demonstration - Download
BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook Security Ninja at BruCON 2011 in Belgium. You can Download Slide from here. Required for the Agnitio hands on demos: A 32bit Windows Operating System XP or 7 preferably – VM will be fine .NET framework 3.5...
BruCON Agnitio workshop Slides and Video Demonstration - Download
BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook Security Ninja at BruCON 2011 in Belgium. You can Download Slide from here. Required for the Agnitio hands on demos: A 32bit Windows Operating System XP or 7 preferably – VM will be fine .NET framework 3.5...
Qualys and Malware Analyser - Online malware scanning engine !
Qualys and Malware Analyser - Online malware scanning engine ! Qualys and Malware Analyser Author : Beenu Arora, recently came into an agreement which will allow Qualys to use Malware Analyser tool on its online malware scanning engine. This would enable the users to perform more comprehensive...
With the FindBugs code analysis vulnerability-vulnerability warning-the black bar safety net
Static analysis tools promise without developer effort will be able to find out the code has some defects. Of course, if you have years of writing experience, you will know that these promises are not necessarily fulfilled. Nevertheless, a good static analysis tool is still in the Toolbox...
Fedora Core 10 FEDORA-2009-11499 (libsndfile)
The remote host is missing an update to libsndfile announced via advisory FEDORA-2009-11499. OpenVAS Vulnerability Test $Id: fcore200911499.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-11499 libsndfile Authors: Thomas Reinke Copyright: Copyright ...
gAlan Buffer Overflow
!/usr/bin/perl kpasa.pl AKA gAlan Buffer Overflow 0day Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.07.2009 "From Static Analysis to 0day Exploit" Originally a SecurityTubeCon Presentation, which I'm guessing was canceled without notice? At any rate, DoJoSe...