Tailor MS 1.0 - Reflected Cross-Site Scripting

Exploit Title: Tailor MS 1.0 - Reflected Cross-Site Scripting Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-09-14 CVE ID: CVE-2020-23835 Vendor Homepage: https://www.sourcecodester.com Software Link:...

Basecamp: HTTP request smuggling on Basecamp 2 allows web cache poisoning

It is found that an authenticated Basecamp 2 user can desync front and backend servers and poison the socket with harmful response for the next visitor. During redirect probe, It also appears that front-end infrastructure performs caching of content. Using HTTP request smuggling attack, It is...

Behind the CARBANAK Backdoor

In this blog, we will take a closer look at the powerful, versatile backdoor known as CARBANAK aka Anunak. Specifically, we will focus on the operational details of its use over the past few years, including its configuration, the minor variations observed from sample to sample, and its evolution...

Browser is Firefox under attack skills summary-vulnerability warning-the black bar safety net

A Key Logger // First in Mozilla Firefox use addEventListener for keypress event to register an event handler, here is the onkey function, in order to achieve the keyboard record function. document. addEventListener"keypress", onkey,false; var keys="; function onkeye keyss += String. fromCharCode...

Duqu computer virus Detected by Iran civil defense organization

Duqu computer virus Detected by Iran civil defense organization The virus is called W32.Duqu, or just Duqu create fear after the opening Pandora's Box of Stuxnet. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being...

Duqu computer virus Detected by Iran civil defense organization

Duqu computer virus Detected by Iran civil defense organization The virus is called W32.Duqu, or just Duqu create fear after the opening Pandora's Box of Stuxnet. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being...

JVN#99175647: Virus Buster 2009 key input encryption function vulnerability

The key input encryption function in Virus Buster 2009 contains a vulnerability where a portion of password that is entered in the web browser is not properly encrypted. Impact When input information is stolen by a key logger, portions of the information may be leaked in plaintext. Solution Updat...

Bugbear.B worm

BugBear.B backdoor is listening on this port. SPDX-FileCopyrightText: 2003 Tenable Network Security Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Bugbear.B worm

BugBear.B backdoor is listening on this port. A cracker may connect to it to retrieve secret information, e.g. passwords or credit card numbers... The BugBear.B worm includes a key logger and can kill antivirus or personal firewall softwares. It propagates itself through email and open Windows...

Bugbear worm

BugBear backdoor is listening on this port. SPDX-FileCopyrightText: 2005 Michel Arboi & Thomas Reinke Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...