Covid-19 Contact Tracing System 1.0 SQL Injection

============================================================================================================================================= | Title : Covid-19 Contact Tracing System 1.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

Fedora: Security Advisory for jericho-html (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jericho-html-3.3-30.fc40

Jericho HTML Parser is a java library allowing analysis and manipulation of parts of an HTML document, including server-side tags, while reproducing verbatim any unrecognized or invalid HTML. It also provides high-level HTML form manipulation functions. It is an open source library released under...

Infinity Market Classified Ads Script 1.6.2 Cross Site Scripting

==================================================================================================================================== | Title : Infinity Market Classified Ads Script 1.6.2 xss via file uploads Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor...

ArabInfotech CMS 2.0.1 Cross Site Scripting

==================================================================================================================================== | Title : ArabInfotech CMS v 2.0.1 L.L.C Xss Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro | | Vendor : http://www.editpubdz.com/ |...

Wizcyb Interactive 2.0 SQL Injection

==================================================================================================================================== | Title : wizcyb interactive v2.0 auth by pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...

Back to the future: What the Jericho Forum taught us about modern security

Some of the earliest formal work on what we now call Zero Trust started around in a security consortium known as the Jericho Forum which later merged into The Open Group Security Forum. This started as a group of like-minded CISOs wrestling with the limitations of the dominant and unquestioned...

Back to the future: What the Jericho Forum taught us about modern security

Some of the earliest formal work on what we now call Zero Trust started around in a security consortium known as the Jericho Forum which later merged into The Open Group Security Forum. This started as a group of like-minded CISOs wrestling with the limitations of the dominant and unquestioned...

Decrypting What Zero Trust Is, And What It Likely Isn’t

It’s always an indicator of confusion when instead of hearing “I want Q” I’m asked “what is Q?”. In this case the ‘Q’ is Zero Trust. I’ll try and give my best take on what I understand Zero Trust to be. History Repeats Let’s start with the background. Quite a while back the Jericho Forum proposed...

C.COM Events CMS 0.1.02 SQL Injection / Authentication Bypass

======================================================================== | Title : C.COM 0.1.02 Events CMS authentication bypass vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://www.congresalgerie.com/...

Joomla Forms 1.3.1 SQL Injection

======================================================================== | Title : Joomla comforms 1.3.1 Sql injection vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : https://github.com/subtext/comforms/blob/master/forms.xml...

NerdyZine 2.0 SQL Injection

======================================================================== | Title : NerdyZine 2.0 SQL Injection vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://www.nerdyzine.net/...

Joomla Subcategory 1.2.15 SQL Injection

| Title : Joomla comsubcategory 1.2.15 SQL Injection Vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://sh.st/mGzXC ======================================================================== Sql injection :...

RW::Download 4.0.8 File Inclusion / SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

DBKiss 1.16 Cross Site Scripting

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

PHPads 2.0 File Disclosure

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

Imagevue 2.8.9 XSS / Password Disclosure

| Title : Imagevue.v2.8.9 Multi Vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Download : http://www.dl.persianscript.ir/script/Imagevue.v2.8.9.PHP.NULL-DGTPersianScript.ir.rar ======================================= App Msg Error :...

Audio Share 2.0.2 Cross Site Scripting / Remote File Inclusion

| Title : Audio Share v2.0.2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by AudioShareScript.com | Tested on: windows 8.1 Français V.Pro | Download : http://demo.audiosharescript.com/ ======================================= XSS / HTML Inject :...

De-perimeterization and open standards

From Cnet, by Jon Oltsik The openness and universal connectivity that helped break down the barriers between coporate networks has also turned out to be a security liability. Jon Oltsik, an analyst at Enterprise Strategy Group, writes that there’s now a need for open standards in security Cnet...

[SA19727] @1 Event Publisher Multiple Vulnerabilities

TITLE: @1 Event Publisher Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19727 VERIFY ADVISORY: http://secunia.com/advisories/19727/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: From remote SOFTWARE: @1 Event Publisher...