Event Booking Calendar 4.0 Cross Site Scripting

Title: Event Booking Calendar-4.0 XSS-Reflected Author: nu11secur1ty Date: 09/06/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The value o...

Event Booking Calendar 4.0 Cross Site Scripting Vulnerability

Title: Event Booking Calendar-4.0 XSS-Reflected Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The value of the index reque...

New Golang-based 'Agenda Ransomware' Can Be Customized For Each Victim

A new ransomware strain written in Golang dubbed "Agenda" has been spotted in the wild, targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. "Agenda can reboot systems in safe mode, attempts to stop many server-specific processes and services, and ha...

Reaper Botnet

It's based on the Mirai code, but much more virulent: While Mirai caused widespread outages, it impacted IP cameras and internet routers by simply exploiting their weak or default passwords. The latest botnet threat, known as alternately as IoT Troop or Reaper, has evolved that strategy, using...

Petya Ransomware Lateral Movement Remote Code Execution

Petya is a malware that infects Windows computers, encrypting files and demanding ransom to decrypt the files. Once a network is infected the malware propagates laterally to further infect devices on the network...

PLC Blaster Worm Targets Industrial Control PLCs

LAS VEGAS – Security researchers at Black Hat USA described a proof-of-concept worm that targets weaknesses within automated industrial control systems used to manage critical infrastructure and manufacturing. The worm, according to OpenSource Security, has the capability to autonomously search f...

Vicidial 2.11 Cross Site Scripting

Exploit Title: Vicidial 2.11 Scripts - Authenticated Stored XSS Date: 0 day Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Vendor Homepage: http://vicidial.org Software Link: https://sourceforge.net/projects/astguiclient/files/astguiclient2.11rc1.zip/download...

Vicidial 2.11 - Scripts Persistent Cross-Site Scripting

Exploit Title: Vicidial 2.11 Scripts - Authenticated Stored XSS Date: 0 day Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Vendor Homepage: http://vicidial.org Software Link: https://sourceforge.net/projects/astguiclient/files/astguiclient2.11rc1.zip/download...

Vicidial 2.11 - Scripts Persistent Cross-Site Scripting

Exploit for php platform in category web applications Exploit Title: Vicidial 2.11 Scripts - Authenticated Stored XSS Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Vendor Homepage: http://vicidial.org Software Link:...

Vicidial 2.11 - Scripts Persistent Cross-Site Scripting

Vicidial 2.11 - Scripts Persistent Cross-Site Scripting Exploit Title: Vicidial 2.11 Scripts - Authenticated Stored XSS Date: 0 day Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Vendor Homepage: http://vicidial.org Software Link:...

Fake Conficker Alert Drops Scareware Threat

An ongoing spam campaign is once again attempting to impersonate Microsoft’s security team by mass mailing Conficker.B Infection Alerts that drop a sample of the Antivirus Pro 2010 scareware scam. Here’s a sample of what the text looks like: “Dear Microsoft Customer, Starting 18/10/2009 the...

Update Protections against Recent Malware Threats (20-May-09)

The update includes new protections against 8 recent malware threats:Rogue-Software: ThreatNuker - ThreatNuker is a rogue security software that performs fake scans on the system and reports false and exaggerated infections. It attempts to trick the users into purchasing the license of the softwa...