6 matches found
Phishing emails disguised as spam filter alerts are stealing logins
Cybercriminals are spoofing "email delivery" notifications to look like they came from spam filters inside your own organization. The goal is to lure you to a phishing site that steals login credentials—credentials that could unlock your email, cloud storage or other personal accounts. The email...
PSF Warns of Fake PyPI Login Site Stealing User Credentials
The Python Software Foundation PSF warns developers of phishing emails leading to a fake PyPI login site designed to steal account credentials...
PYSEC-2014-64
The isURLInPortal method in the URLTool class in inportal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allowexternalloginsites filtering property, redirect users to...
Softbiz Classifieds PLUS SQL Injection
----------------------------Information------------------------------------------------ +Name : Softbiz Classifieds PLUS SQL Injection gallery.php +Autor : Easy Laster +Date : 25.02.2010 +Script : Softbiz Classifieds PLUS +Download : ----- +Demo : www.posbisnis.com /the password is in browser lin...
Flex CMS (catId) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================== FlexCMS catId Remote SQL Injection Vulnerability ================================================== AUTHOR: MisterRichard FlexCMS Remote SQL Injection Discovered by MisterRichard. Develope...
FlexCMS 2.5 - 'catId' SQL Injection
AUTHOR: MisterRichard FlexCMS Remote SQL Injection Discovered by MisterRichard. Developer site: http://www.flexcms.dk/ Developer has not been notified. Live demo: Injection: www.target.com/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concatusername,char58,password+from+users--...