162 matches found
Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to...
The Scorched-Earth Tactics of Iran’s Cyber Army
Amid ongoing protests, the Iranian regime has lost control of its image, pushing it to employ increasingly drastic tactics where everyone loses...
The Hermit Kingdom’s Ransomware Play
The Hermit Kingdom’s Ransomware play By Trellix · May 3, 2022 With a special thanks to @ValidHorizon who helped and shared information In February 2016, news broke about what is now known as the ‘Bangladesh Bank Heist’. Hackers attempted to transfer nearly one billion USD through the SWIFT system...
Researchers Uncover Brazilian Hacktivist's Identity Who Defaced Over 4800 Sites
It's one thing for hackers to target websites and proudly announce it on social media platforms for all to see. It's, however, an entirely different thing to leave a digital trail that leads cybersecurity researchers right to their doorsteps. That's exactly what happened in the case of a hacktivi...
Researchers Uncover Brazilian Hacktivist's Identity Who Defaced Over 4800 Sites
It's one thing for hackers to target websites and proudly announce it on social media platforms for all to see. It's, however, an entirely different thing to leave a digital trail that leads cybersecurity researchers right to their doorsteps. That's exactly what happened in the case of a hacktivi...
16Shop Phishing Gang Goes After PayPal Users
A prolific phishing gang known as 16Shop has added PayPal customers to its target set. According to researchers at the ZeroFOX Alpha Team, the latest version of the group’s phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information PII a...
Jobscript4Web 4.5 - Authentication Bypass
Jobscript4Web 4.5 - Authentication Bypass ---------------- Title = Jobscript4Web 4.5 - Authentication Bypass Date = 8/4/2017 Soft = http://www.jobscript4web.com/index.html liVE Demo = http://www.simplejobs.co.in/soft4u --------------- AutHor = TurkCyberArmy --------------- Bizler Turk siber ordus...
WordPress Theme GeoPlaces3 - Arbitrary File Upload
WordPress Theme GeoPlaces3 - Arbitrary File Upload Description : Wordpress Themes GeoPlaces3 - Arbitrary File Upload vulnerbility Google Dork: inurl:/wp-content/themes/GeoPlaces3/ Date: 23 August 2015 Vendor Homepage: http://templatic.com/app-themes/geo-places-city-directory-wordpress-theme Teste...
WordPress CIP4 Folder Download 1.10 Local File Inclusion
Exploit Title: CIP4 Folder Download Widget LFI Google Dork: index of :/cip4-folder-download-widget Date: 13-01-2015 Exploit Author: Ben khlifa Fahmi XTnR3v0lt Vendor Homepage: http://community.cip4.org Software Link: https://wordpress.org/plugins/cip4-folder-download-widget/ Version: 1.10 Tested...
Apadana CMS SQL Injection
000000000000000000000000000000000 0 0 Exploit Title : Apadana CMS Sql Injection Vulnerability 0 Exploit Author : SeRaVo.BlackHat 0 Vendor Homepage : http://www.apadanacms.ir/ 0 Google Dork : powered by apadana CMS 0 Date: 2014/November/25 0 Tested On : windows + linux | Mozila | Havij 0 Software...
WordPress Backup plugin Ready! Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Ready! Backup Arbitrary File Download Vulnerability . Google Dork: inurl:/wp-content/upready/ . Date: 10-09-2014 . Author: Pro Mast3r . Author E-mail : email protected Category: webapps platform: php Vendor:...
Joomla Component (com_connect) Local File Inclusion Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Joomla Component comconnect LFI Vulnerability Date: 6-11-2010 Author: Th3 RDX Software Link: n/a Version: n/a Tested on: online Sites category: webapp/Joomla Code : n/a...
Geomi CMS 1.2 & 3.0 - SQL Injection Vulnerability
No description provided by source. + Exploit Title : Geomi CMS by Tridan IT Sql Injection Vunerability Author : ThunDEr HeaD Contact : [email protected] Date : 11-01-2011 HomePage : www.indishell.in Version : 1.2 , 3.0 Tested on : PBL Technology Vulnerability Style : PHPCMS Sql Injection...
Quicktech SQL Injection Vulnerability
No description provided by source. + Exploit Title : Quicktech Sql Injection Vulnerability + Author : eXeSoul + Contact : [email protected] + Date : 02-03-2011 + category: Web Apps SQli + HomePage : www.indishell.in + Version : all + Tested on : windows/linux + Vulnerability Style : PHP Sql...
Build a Niche Store 3.0 - (BANS) Authentication Bypass Vulnerability
No description provided by source. + Exploit Title : Build a Niche Store v3.0 BANS Authentication Bypass Vulnerability Author : ThunDEr HeaD Contact : [email protected] Date : 13-11-2010 HomePage : www.indishell.in Price : $49.95 Version : 3.0 Software: http://www.buildanichestore.com/...
Internet Download Manager 6.17 (.ef2) Memory Corruption
Exploit for windows platform in category dos / poc 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site...
WordPress OptimizePress插件任意文件上传漏洞
WordPress是一种使用PHP语言开发的博客平台,用户可以在支持PHP和MySQL数据库的服务器上架设自己的网志。 '/wp-content/themes/OptimizePress/lib/admin/media-upload.php'不正确校验用户提交的上传文件扩展,允许远程攻击者利用漏洞提交恶意文件,并以WEB权限执行。 0 WordPress OptimizePress Plugin 1.x 厂商补丁: WordPress ----- WordPress OptimizePress Plugin 1.6已经修复该漏洞,请到厂商的主页下载:...
WordPress OptimizePress Theme File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class Metasploit3 'WordPress OptimizePress Theme File Upload Vulnerability', 'Description' = %q This module exploits a vulnerability found...
WordPress Blogggie Shell Upload
Exploit Title : Wordpress Themes Bloggie Arbitrary File Upload Vulnerability Author : ReC0ded Vendor : http://themify.me/ Download : http://themify.me/themes/Bloggie Date : 22, November 2013. Type : php, html, htm, asp, etc. Category : Web Applications Vulnerability : File Upload Tested On :...
Pakistani hackers hit Indian Eastern Railways Website just before Independence day
Just four days before the Independence day, The Pakistani hacker known as 'MindCracker' from Pakistan Cyber Army team hacked into the Indian Eastern Railways website and deface some internal pages, as shown in the screenshot taken by us few hours before. At the time of reporting, website...