PrestaShop < 1.6.1.19 - 'BlowFish ECD' Privilege Escalation

!/usr/bin/env python3 PrestaShop = 1.6.1.19 Privilege Escalation Charles Fol 2018-07-10 See https://ambionics.io/blog/prestashop-privilege-escalation The condition for this exploit to work is for an employee to have the same password as a customer. The exploit will yield a valid employee cookie f...

Unauthorized Access

loopback is vulnerable to unauthorized access. If an admin instance and a customer instance share the same user id and password, the customer instance can change the password of the admin instance using their regular access token...

Interspire Shopping Cart v6 - Multiple Web Vulnerabilities

Document Title: =============== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=593 Release Date: ============= 2012-06-02 Vulnerability Laboratory ID VL-ID: ====================================...

DreamHost Warns of Attack, Forces Customer Password Changes

Attackers were able to compromise a database at DreamHost, a large hosting provider, late last week and the company is forcing all of its customers to change their passwords for their FTP and shell accounts as a precautionary measure. DreamHost did not provide many details about what happened in...