CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 CVSS score: 7.2,...

PoC Exploits Do More Good Than Harm: Threatpost Poll

When it comes to the release of proof-of-concept PoC exploits, more security experts agree that the positives outweigh the negatives, according to a recent and informal Threatpost poll. Last week, Threatpost conducted a reader poll and almost 60 percent of 230 security pundits thought it was a...

Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?

The practice of disclosing proof-of-concept PoC exploits has long caused a debate in the security community. As the name suggests, these outline steps used to exploit a vulnerability in a system to show how it can be done — and are used to test networks and pinpoint vulnerable aspects of a system...

News Wrap: PoC Exploits, Cable Haunt and Joker Malware

This week’s news wrap podcast breaks down the biggest Threatpost security stories of the week, including: Various proof-of-concept exploits being released for serious vulnerabilities this week – including for the recently-patched crypto-spoofing vulnerability found by the National Security Agency...

PoC Exploits Published For Microsoft Crypto Bug

Two proof-of-concept PoC exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The vulnerability CVE-2020-0601 could enable an attacker to spoof a code-signing certificate necessary for validati...

ShareCMS 0.1 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ============================================================== ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

QNX Multiple Vulnerabilities

OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...

WSN Links SQL Injection

'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portions of SQL code between the...

ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ============================================================== ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

sharecms-sql.txt

============================================================== ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities ============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== ShareCMS 0.1 Multiple Remote SQL Injection Vulnerabilities ========================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------...

MyBlog: PHP and MySQL BlogCMS software - SQL Injection Cross-Site Scripting

MyBlog: PHP and MySQL BlogCMS software - SQL Injection Cross-Site Scripting ===================================================================================== MyBlog: PHP and MySQL Blog/CMS software SQL/XSS Multiple Remote Vulnerabilities...

MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting

===================================================================================== MyBlog: PHP and MySQL Blog/CMS software SQL/XSS Multiple Remote Vulnerabilities ===================================================================================== ,--^----------,--------,-----,-------^--, |...

jaxultrabb 2.0 - Local File Inclusion / Cross-Site Scripting

=============================================================== JaxUltraBB = 2.0 LFI/XSS Multiple Remote Vulnerabilities =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

Family Connections CMS 1.4 - Multiple SQL Injections

========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...