Lucene search

25 matches found

Debian CVE
added 2020/04/24 3:53 p.m. | 30 views

CVE-2020-6823

A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...

CVSS 9.8 | AI score 9.5 | EPSS 0.00594
Exploits: 0
RedhatCVE
added 2020/04/14 7:35 a.m. | 24 views

CVE-2020-6823

A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox 75...

CVSS 9.8 | AI score 3.9 | EPSS 0.00594
Exploits: 0 | References: 3
Hacker One
added 2018/08/30 4:37 p.m. | 24 views

Automattic: Authenticated Code Execution through Phar deserialization in CSV Importer as Shop manager in WooCommerce

This vulnerability is based on the following exploitation technique: https://blog.ripstech.com/2018/new-php-exploitation-technique/ It is easier to explain this vulnerability by having watched the PoC first: https://www.youtube.com/watch?v=mr3bAOIUwd4 Here is what's happening: 1. Since a valid ph...

AI score 8
Exploits: 0
CNVD
added 2018/06/07 12:0 a.m. | 3 views

YzmCMS User Traversal Vulnerability

YzmCMS is an open source CMS Content Management System developed by Chinese programmer Yuan Zhimeng. A security vulnerability exists in the password retrieval function of the index.php/member/reset/resetemail.html page in YzmCMS version 3.2 to 3.7, which originates from the validity period of the...

CVSS 9.8 | AI score 9.9 | EPSS 0.00691
Exploits: 0 | References: 1
CNVD
added 2017/09/20 12:0 a.m. | 2 views

There is a logic design flaw in the Kaiyen Gold app

Kaiyan Gold Service app is a financial management software. There is a logic design vulnerability in the Kaiyan Gold Service app. The vulnerability arises because registration applies no verification restrictions; the attacker, through packet bursting and intercepting the return of the...

AI score 7.2
Exploits: 0