Cybercriminals Have a Weird New Way to Target You With Scam Texts

Scammers are now using “SMS blasters” to send out up to 100,000 texts per hour to phones that are tricked into thinking the devices are cell towers. Your wireless carrier is powerless to stop them...

zscan

This is a collection of tools for scanning and blasting exploiting services on a network. The tool is called Zscan and is written in Go. It has several modules for different types of scans and exploits, including: Port scanning Service blasting exploiting FTP blasting HTTP blasting LDAP blasting...

Exploit for CVE-2017-0143

💬 README中文 • Compile/Install/Run • Parameter Description • How to use • Scenario • POC List • Custom Scan • Best Practices Features - Free one id Multi-target web netcat for reverse shell - What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent。re...

schmidtabrasiveblasting.com Cross Site Scripting vulnerability OBB-2648510

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

“FudCo” Spam Empire Tied to Pakistani Software Firm

In May 2015, KrebsOnSecurity briefly profiled "The Manipulaters," the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media...

Vano enterprise website management system (PHP version) there are logic flaws vulnerability

Vanno enterprise website management system PHP version is a php+MySQL development of php enterprise website management system. Vanno enterprise website management system PHP version has a logic flaw vulnerability. An attacker can exploit the vulnerability to obtain the backend account password by...

Audi Travel App has a Bursting Vulnerability

Audi Travel App is a travel service software. Audi Travel APP is vulnerable to a blasting vulnerability. An attacker can log in to any user account and perform unauthorized operations by grabbing packets and bursting them...

MIMI APP of Shenzhen Xinyi Network Co., Ltd. suffers from arbitrary number registration vulnerability

MIMI APP is an app that focuses on voice socialization. There is an arbitrary number registration vulnerability in MIMI APP of Shenzhen Xinyi Network Co. Attackers can register any account by grabbing packets and blasting the verification code...

Logic design flaws in FeeControl Mobile App

FeeControl Mobile App is a mobile bookkeeping office software. There is a logical design vulnerability in FeeControl Mobile APP. An attacker can log into any account by grabbing packets and blasting the verification code...

Shenzhen Yuanzheng Technology goloZ Android APP has arbitrary account password reset vulnerability

goloZ APP is a product developed by Shenzhen Yuanzheng Technology to provide auto repair service. There is an arbitrary account password reset vulnerability in Shenzhen Yuanzheng Technology's goloZ Android APP. An attacker can reset any registered user's password by CAPTCHA blasting...

Wheeling Self-Driving Android App is vulnerable to arbitrary account password resets

Wheel Self-Driving APP is a self-driving comprehensive service center software. The Rolling Self-Driving Android APP is vulnerable to arbitrary account password reset vulnerability. It allows an attacker to reset any registered account password by means of CAPTCHA blasting...

Shenzhen Yuanzheng Technology golo merchant Android APP has arbitrary account password reset vulnerability

golo merchant is an app developed by Shenzhen Yuanzheng Technology to provide auto repair services. There is an arbitrary account password reset vulnerability in the golo merchant android app of Shenzhen Yuanzheng Technology. An attacker can reset any registered user's password by means of CAPTCH...

Willow Police App Has Arbitrary Account Login Vulnerability

Liuzhou Police APP is a police information application platform launched by Liuzhou Municipal Public Security Bureau. Liuzhou Police APP has an arbitrary account login vulnerability. By means of CAPTCHA blasting, an attacker can log in to any account through a cell phone number...

SQL Injection Vulnerability in Explosive Industry Website Building System of Guangzhou Sino-explosive Safety Net Technology Co.

Ltd. is a collection of system integration, software development, technical services, consulting and other consulting as a whole, focusing on the construction of dangerous goods industry "information highway" - Explosives special network, building industry grids and database clusters, aimed at...

cy.blastingnews.com XSS vulnerability

Vulnerable URL: http://cy.blastingnews.com/search?q=%22%3E%3Cimg%20src=x%20onerror=alert%28%22XSSPOSED%22%29%3E Details: Description| Value ---|--- Patched:| Yes, at 19.07.2017 Latest check for patch:| 19.07.2017 10:36 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

si.blastingnews.com XSS vulnerability

Vulnerable URL: http://si.blastingnews.com/search?q=" Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 16:02 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP websi...

fr.blastingnews.com XSS vulnerability

Vulnerable URL: http://fr.blastingnews.com/search?q=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status:| No Check...

bg.blastingnews.com XSS vulnerability

Vulnerable URL: http://bg.blastingnews.com/search?q=" Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 16:02 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP websi...

Some of the common password reset vulnerability analysis-vulnerability warning-the black bar safety net

0×0 0 Preface General password reset design is divided into the following four steps: 1. Enter the account name 2. To verify the identity of 3. Reset the password 4. Complete Usually vulnerability is present in 2 or 3 steps, here is a look at some common password reset vulnerability. 0×0 1 blasti...

emlog code reuse vulnerability, password blasting and other impact-vulnerability warning-the black bar safety net

Brief description: emlog code reuse. You can ignore the CAPTCHA brush comments, ignoring the code to brute force the background. Detailed description: See two days emlog source code is also not white to see it. In the comment when the service side validation of the data code as follows:...