CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

Faraday 1.0.16 - Collaborative Penetration Test and Vulnerability Management Platform

Faraday introduces a new concept - IPE Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the generated data during the process of a security audit. This version comes with major changes to our Web UI, including the...

Blog:CMS 4.2.1b - SQL Injection Cross-Site Scripting

Blog:CMS 4.2.1b - SQL Injection Cross-Site Scripting Digital Security Research Group DSecRG Advisory DSECRG-08-003 Application: Blogcms Versions Affected: Blogcms 4.2.1b Vendor URL: http://blogcms.com/ Bugs: SQL Injestions, SiXSS, XSS Exploits: YES Reported: 15.01.2008 Vendor response: 16.01.2008...