790 matches found
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link:...
Comodo Dome Firewall 2.7.0 Cross Site Scripting
Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link: https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9278&af=9278 Version: 2.7.0 Introduction Comodo Dom...
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting
Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link: https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9278&af=9278 Version: 2.7.0 Introduction Comodo Dom...
CVE-2018-17431
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...
CVE-2018-17431
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...
Authentication flaw
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...
CVE-2018-17431
Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL...
CVE-2018-17431
Affected software: Comodo UTM Firewall Web Console (all releases before 2.7.0, and related 1.5.0) per CVE-2018-17431. Vulnerability type & root cause: remote code execution via a crafted URL that allows an unauthenticated attacker to execute arbitrary code on the target. Descriptions across sourc...
PT-2019-9479 · Comodo · Comodo Utm Firewall
Name of the Vulnerable Software and Affected Versions: Comodo UTM Firewall versions prior to 2.7.0 Description: The issue allows remote attackers to execute arbitrary code without authentication via a crafted URL. This is related to the Web Console in Comodo UTM Firewall. Recommendations: For...
Comodo KORUGAN VM 1.9.3.1100 Cross Site Scripting
Exploit Title: Comodo KORUGAN VM 1.9.3.1100 | Cross-Site Scripting Date: 18.01.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.korugan.com/koruganvm.php Software Link: https://download.comodo.com/korugan/iso/Korugan-1-9-3-1100-x8664.iso Version: 1.9.3.1100 Introduction Korugan VM wit...
Comodo KORUGAN LITE 1.6.5.1024 Cross Site Scripting
Exploit Title: Comodo KORUGAN LITE 1.6.5.1024 | Cross-Site Scripting Date: 18.01.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.korugan.com/koruganlite.php Software Link: https://download.comodo.com/korugan/Korugan-Lite.ova Version: 1.6.5.1024 Introduction Korugan Unified Threat...
Exploit for Improper Authentication in Comodo Unified_Threat_Management_Firewall
CVE-2018-17431-PoC Proof of consept for CVE-2018-17431 E...
Magecart Strikes Again, Siphoning Payment Info from Newegg
The Magecart threat actor, which just made headlines with the British Airways breach, has been racking up conquests lately and shows no signs of slowing down. This week, it added a new feather to its compromise cap: The Newegg online retailer. Newegg is a top online merchant with tens of millions...
Hackers Steal Customers' Credit Cards From Newegg Electronics Retailer
The notorious hacking group behind the Ticketmaster and British Airways data breaches has now victimized popular computer hardware and consumer electronics retailer Newegg. Magecart hacking group managed to infiltrate the Newegg website and steal the credit card details of all customers who enter...
comodo.com XSS vulnerability
Open Bug Bounty ID: OBB-418081 Description| Value ---|--- Affected Website:| comodo.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
Massive Email Campaign Sends Locky Ransomware to Over 23 Million Users
Whenever we feel like the Locky ransomware is dead, the notorious threat returns with a bang. Recently, researchers from two security firms have independently spotted two mass email campaigns, spreading two different, but new variants of the Locky ransomware. Lukitus Campaign Sends 23 Million...
July 11, 2017—KB4025342 (OS Build 15063.483)
July 11, 2017—KB4025342 OS Build 15063.483 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue introduced by KB4022716where Internet Explorer 11 may close unexpectedly when you...
Comodo Mobile Security - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Comodo Mobile Security published at the 'play' market has multiple vulnerabilities...
comodo.bluesnap.com XSS vulnerability
Vulnerable URL: https://comodo.bluesnap.com/jsp/buynow.jsp?contractId=3209254=939126&custom2;=Y&custom3;=Comodo&custom6;=%22--!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.08.2017 Latest check for patch:| 28.08.2017 09:53 GMT Vulnerability...
Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Comodo Chromodo Browser Unquoted Service Path Privilege Escalation Date: 03/10/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: email protected Category: local Vendor...