A Bootiful Podcast: Java Champion and legend Henri Tremblay

Hi, Spring fans! In this installment I talk to Henri Tremblay, head of TS Imagine Canada, Java Champion, Montreal JUG leader, EasyMock lead dev and all around legend!...

Privilege Escalation Vulnerability Patched Promptly in WP Data Access WordPress Plugin

On April 5, 2023 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in WP Data Access, a WordPress plugin that is installed on over 10,000 sites. This flaw makes it possible for an authenticated attacker to grant themselves...

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application For iOS

This is a Swift version of original iGoat Objective C project. Using OWASP iGoat, you can learn exploiting and defending vulnerabilities in iOS Swift applications. Developed using Swif 4 and Ruby iGoat Objective C was presented at: OWASP TOP 10 Mobile Reverse Engineering Runtime Analysis Data...

FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

Bonefire 0.7.1 - Reinstall Admin Account

Bonefire 0.7.1 - Reinstall Admin Account !/usr/bin/env python coding: utf-8 Bonefire v.0.7.1 Reinstall Admin Account Exploit Author : Mehmet INCE Analysis write-up : http://www.mehmetince.net/ci-bonefire-reinstall-admin-account-vulnerability-analysis-exploit/ Description : Forgotten controls lead...

Openconstructor CMS 3.12.0 Reflected XSS

Title: Openconstructor CMS 3.12.0 Multiple Reflected Cross-site Scrpting vulnerabilities Affected Software: http://www.openconstructor.org/ http://code.google.com/p/openconstructor/downloads/list http://esectorsolutions.com/about/whats-new/esector-news/detailed/?id=234 Description: Openconstructo...