EUVD-2007-0481

Malware in sbrugna...

EUVD-2006-4851

Malware in sbrugna...

EUVD-2007-0482

Malware in sbrugna...

EUVD-2008-5762

Malware in sbrugna...

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to read "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter.com,...

Journey Down Under: How Rocco Became Australia’s Premier Hacker

Fun facts about Rocco Calvi @TecR0c: Microsoft MVR: Rocco is a 2023 Microsoft Most Valuable Researcher. Fitness fanatic: Inspired by old-school body building and countless hours of chopping and carrying wood in the mountains during his youth, Rocco remains a fitness enthusiast, setting himself...

PT-2022-15135 · Intel · Intel Nuc Enthusiast +3

Name of the Vulnerable Software and Affected Versions: IntelR NUC Boards, IntelR NUC Business, IntelR NUC Enthusiast, IntelR NUC Kits versions before HN0067 Description: The issue is related to improper authentication in BIOS firmware, which may allow a privileged user to potentially enable...

Intel® NUC Firmware Advisory

Summary: Potential security vulnerabilities for some Intel® NUCs may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2021-0067 Description: Improper access control in system firmware for some IntelR...

Ukrainian Man Arrested For Distributing NotPetya Ransomware And Helping Tax Evaders

Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware Petya.A, also known as NotPetya — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days ago...

'The Hacker News' Celebrating its 4th Anniversary

Dear THN Readers, 'The Hacker News' is celebrating its 4th Anniversary today and we would like to thank every single Hacker, Researcher, Journalist, Enthusiast who has contributed to our phenomenal growth. When we began our journey 4 years back as a Small Local Community of few Hackers and Securi...

All Enthusiast PhotoPost PHP Pro 5.0 adm-photo.php Arbitrary Image Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/12779/info PhotoPost PHP Pro is a web-based image gallery application written in PHP. It can be implemented on any platform that supports PHP script execution. Multiple remote vulnerabilities affect All Enthusiast PhotoPo...

Pixelpost 1.7.3 Cross Site Scripting

Exploit Title: pixelpost 1.7.3 Cross Site Scripting Vulnerabilities Date: 06/03/2013 Author: Nikhalesh Singh Bhadoria Twitter: @nikhaleshsingh Download Link:http://www.pixelpost.org/ Versions Affected: pixelpost 1.7.3 Category:Xss...

CVE-2008-5792

PHP remote file inclusion vulnerability in showjoined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue...

Directory traversal

PHP remote file inclusion vulnerability in showjoined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue...

CVE-2008-5792

CVE-2008-5792 affects Indiscripts Enthusiast (3.1.4 and possibly earlier). The vulnerability is a PHP remote file inclusion in show_joined.php where an attacker can supply a URL in the path parameter to execute arbitrary PHP code on the server. The issue is also noted as a directory traversal con...

CVE-2008-5792

PHP remote file inclusion vulnerability in showjoined.php in Indiscripts Enthusiast 3.1.4, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: the researcher also points out the analogous directory traversal issue...

Enthusiast show_joined.php远程文件包含漏洞

BUGTRAQ ID: 32205 Enthusiast是一个成员列表集中管理脚本。 Enthusiast的showjoined.php文件没有正确地验证对path参数的输入参数便用于包含文件： /showjoined.php line:261-264 p class="showjoinedcredits" a href="http://scripts.indisguise.org"Powered by Enthusiast ?php include $path . 'showenthversion.php' ?/a /p...

Enthusiast 3 Remote Code Execution

www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...

enthusiast-exec.txt

www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...

Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix:...